pypi
4,718 tracked vulnerabilities.
CVE-2024-1455
MEDIUM
langchain 0.1.4-0.1.34 - Denial of Service via XML Entity Expansion
Mar 26, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-29199
LOW
Nautobot < 1.6.16 - Unauthenticated Exposure of Sensitive Information via URL Endpoints
Mar 26, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-29189
HIGH
PyAnsys Geometry <0.3.3-0.4.11 - Code Injection
Mar 26, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-1603
HIGH
PaddlePaddle Paddle <2.6.0 - Info Disclosure
Mar 23, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-29190
HIGH
MobSF <= 3.9.5 Beta - android:host Server-Side Request Forgery
Mar 22, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-1727
MEDIUM
gradio < 4.19.2 - Cross-Site Request Forgery via File Upload
Mar 21, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-28102
MEDIUM
jwcrypto < 1.5.6 - Denial of Service via Malicious JWE Token
Mar 21, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-27292
HIGH
NUCLEI
Docassemble - Local File Inclusion
Mar 21, 2024
CVSS 7.5
EPSS 0.94
CVE-2024-27291
MEDIUM
Docassemble <1.4.97 - Open Redirect
Mar 21, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-27290
MEDIUM
docassemble < 1.4.97 - Stored Cross-Site Scripting via User Input Field
Mar 21, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-29033
HIGH
jupyter/oauthenticator < 16.3.0 - Improper Authorization via GoogleOAuthenticator.hosted_domain
Mar 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-29032
MEDIUM
Qiskit IBM Runtime 0.1.0-0.21.1 - Remote Code Execution via RuntimeDecoder JSON Deserialization
Mar 20, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-28179
CRITICAL
Jupyter Server Proxy < 3.2.3 and 4.0.0-4.1.1 - Unauthenticated Remote Code Execution via WebSocket Endpoint
Mar 20, 2024
CVSS 9.0
EPSS 0.00
CVE-2024-21503
MEDIUM
black < 24.3.0 - Denial of Service via Inefficient Regular Expression in strings.py
Mar 19, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-28865
HIGH
django-wiki <0.10.1 - Info Disclosure
Mar 18, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-28237
MEDIUM
OctoPrint < 1.10.0 - Stored Cross-Site Scripting via Webcam Snapshot URL
Mar 18, 2024
CVSS 4.0
EPSS 0.00
CVE-2024-29156
MEDIUM
OpenStack Murano <16.0.0 - Info Disclosure
Mar 18, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-22513
MEDIUM
djangorestframework-simplejwt <5.3.1 - Info Disclosure
Mar 16, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-27351
MEDIUM
Django <3.2.25, <4.2.11, <5.0.3 - DoS
Mar 15, 2024
CVSS 5.3
EPSS 0.03
CVE-2024-24770
MEDIUM
vantage6 < 4.2.2 and >= 4.3.0 - Username Enumeration via Password Recovery and 2FA Lost Token Endpoints
Mar 14, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-23823
MEDIUM
vantage6 < 4.2.1 and >=0 < 4.3.0 - Permissive Cross-domain Security Policy
Mar 14, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-28746
HIGH
Apache Airflow <2.8.3 - Info Disclosure
Mar 14, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-27097
MEDIUM
CKAN <2.9.11, <2.10.4 - Info Disclosure
Mar 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-27305
MEDIUM
aiosmtpd <1.4.5 - SMTP Smuggling Sender Spoofing
Mar 12, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-26164
HIGH
Microsoft Django Backend for SQL Server < 1.4.1 - Remote Code Execution
Mar 12, 2024
CVSS 8.8
EPSS 0.06
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21