pypi
4,993 tracked vulnerabilities.
CVE-2024-42818
MEDIUM
fastapi-admin pro 0.1.4 - Stored Cross-Site Scripting via Config-Create Product Name Parameter
Aug 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-42816
MEDIUM
fastapi-admin pro 0.1.4 - Stored Cross-Site Scripting via Product Name Parameter
Aug 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-45190
MEDIUM
Mage AI - Path Traversal via Pipeline Interaction Request
Aug 23, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-45189
MEDIUM
Mage AI - Path Traversal and Arbitrary File Read via Git Content Request
Aug 23, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-45188
MEDIUM
Mage AI - Path Traversal in File Content Request
Aug 23, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-45187
HIGH
Mage AI - Unauthenticated Remote Code Execution via Deleted User Privilege Escalation
Aug 23, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-8113
MEDIUM
pretix < 2024.7.0 - Stored Cross-Site Scripting in Organizer and Event Settings
Aug 23, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-45201
HIGH
Llama Index <0.10.38 - Code Injection
Aug 22, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-8072
MEDIUM
Mage AI - Unauthenticated Exposure of Sensitive Terminal Server Command History
Aug 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-41937
MEDIUM
Apache Airflow < 2.10.0 - Stored Cross-Site Scripting via Provider Documentation Link
Aug 21, 2024
CVSS 6.1
EPSS 0.02
CVE-2024-43371
MEDIUM
CKAN < 2.10.5 - Server-Side Request Forgery via Resource URL
Aug 21, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-41675
MEDIUM
CKAN 2.7.0-2.10.4 - Cross-Site Scripting in Datatables View Plugin
Aug 21, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-41674
MEDIUM
CKAN 2.0-2.10.4 - Sensitive Information Exposure via Solr Error Message
Aug 21, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-43396
MEDIUM
khoj < 1.15.0 - Stored Cross-Site Scripting via Automation Task Instructions
Aug 20, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-43406
HIGH
LF Edge eKuiper < 1.14.2 - SQL Injection via Get Method in sqlKvStore
Aug 20, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-43399
HIGH
Mobile Security Framework < 4.0.7 - Path Traversal via Static Libraries Extraction
Aug 19, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-6221
HIGH
corydolphin/flask-cors 4.0.1 - Info Disclosure
Aug 18, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-42353
MEDIUM
WebOb < 1.8.8 - Open Redirect via URL Parsing Hostname Override
Aug 14, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-42474
MEDIUM
Streamlit < 1.37.0 - Path Traversal via Static File Sharing Feature
Aug 12, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-42370
HIGH
Litestar <= 2.10.0 - Environment Variable Injection via docs-preview.yml Workflow
Aug 12, 2024
CVSS 8.3
EPSS 0.01
CVE-2024-42367
MEDIUM
aiohttp 3.10.0-3.10.2 - Path Traversal via Compressed File Symbolic Links
Aug 12, 2024
CVSS 4.8
EPSS 0.01
CVE-2024-41942
HIGH
JupyterHub <4.1.6, 5.1.0 - Privilege Escalation
Aug 08, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-6706
MEDIUM
OpenWebUI - Cross-Site Scripting via Malicious Prompt
Aug 07, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-7143
HIGH
Pulp - Insecure Inherited Permissions via AutoAddObjPermsMixin
Aug 07, 2024
CVSS 8.3
EPSS 0.01
CVE-2024-42005
HIGH
Django 4.2-4.2.14 and 5.0-5.0.7 - SQL Injection via JSONField QuerySet.values() Column Alias
Aug 07, 2024
CVSS 7.3
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters