pypi
4,993 tracked vulnerabilities.
CVE-2024-41991
HIGH
Django 4.2-4.2.14 and 5.0-5.0.7 - Denial of Service via Unicode Character Input
Aug 07, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-41990
HIGH
Django 4.2-4.2.14 and 5.0-5.0.7 - Denial of Service via urlize() and urlizetrunc() Template Filters
Aug 07, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-41989
HIGH
Django 4.2-4.2.14 and 5.0-5.0.7 - Uncontrolled Resource Consumption via floatformat Template Filter
Aug 07, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-42447
CRITICAL
Apache Airflow Providers FAB - Info Disclosure
Aug 05, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-7319
MEDIUM
openstack-heat - Exposure of Sensitive Information via Stack Abandon Command
Aug 02, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-41955
MEDIUM
NUCLEI
Mobile Security Framework < 4.0.5 - Open Redirect in Authentication View
Jul 31, 2024
CVSS 5.2
EPSS 0.01
CVE-2024-41951
MEDIUM
Pheonix App <0.2.4 - Info Disclosure
Jul 31, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-41950
HIGH
Haystack < 2.3.1 - Remote Code Execution via Jinja2 Template Injection
Jul 31, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-7340
HIGH
NUCLEI
Weave < 0.50.8 - Path Traversal and Arbitrary File Read via Server API
Jul 31, 2024
CVSS 8.8
EPSS 0.05
CVE-2024-6578
MEDIUM
aim 3.19.3 - Stored Cross-Site Scripting in Logs-Tab via Terminal Output
Jul 29, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-41810
MEDIUM
NUCLEI
twisted < 24.7.0rc1 - Reflected Cross-Site Scripting via redirectTo Function
Jul 29, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-41671
HIGH
Twisted < 24.7.0rc1 - HTTP Request Smuggling via Pipelined Request Mismanagement
Jul 29, 2024
CVSS 8.3
EPSS 0.01
CVE-2024-41672
HIGH
DuckDB < 1.1.0 - Unauthorized File Read via sniff_csv Function
Jul 24, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-40767
MEDIUM
OpenStack Nova <27.4.1,28.2.1,29.1.1 - Info Disclosure
Jul 24, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-41656
HIGH
Sentry 10.0.0-24.7.1 - Stored Cross-Site Scripting via Integration Platform Payload
Jul 23, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-41129
MEDIUM
ops 2.0.0-2.14.9 - Sensitive Information Disclosure in Log Files via CLI Arguments
Jul 22, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-32152
LOW
Anki < 24.6 - Arbitrary File Creation via LaTeX Blocklist Bypass
Jul 22, 2024
CVSS 3.1
EPSS 0.12
CVE-2024-29073
MEDIUM
Anki < 24.6 - Arbitrary File Read via Latex Verbatim Package
Jul 22, 2024
CVSS 5.3
EPSS 0.12
CVE-2024-26020
CRITICAL
Anki < 24.06 - Arbitrary Script Execution via MPV Flashcard Rendering
Jul 22, 2024
CVSS 9.6
EPSS 0.15
CVE-2024-6961
MEDIUM
guardrails-ai < 0.5.0 - XML External Entity Injection in RAIL Document Parser
Jul 21, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-6281
HIGH
parisneo/lollms <9.5.1 - Path Traversal
Jul 20, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-41124
MEDIUM
Puncia < 0.21 - Missing Encryption of Sensitive Data via HTTP API_URLs
Jul 19, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-39123
MEDIUM
janeczku Calibre-Web 0.6.0-0.6.21 - Cross-Site Scripting in Edit Book Comments
Jul 19, 2024
CVSS 5.4
EPSS 0.23
CVE-2024-35199
HIGH
TorchServe 0.3.0-0.11.0 - Unprotected gRPC Interface Exposure
Jul 19, 2024
CVSS 8.2
EPSS 0.01
CVE-2024-35198
CRITICAL
TorchServe < 0.11.0 - Security Feature Bypass via URL Path Traversal
Jul 19, 2024
CVSS 9.8
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters