pypi
4,718 tracked vulnerabilities.
CVE-2024-27758
HIGH
RPyC 4.0.0-5.9.9 - Remote Code Execution via __array__ Attribute
Mar 12, 2024
CVSS 8.4
EPSS 0.04
CVE-2024-28184
HIGH
WeasyPrint <61.2 - File/URL Injection
Mar 09, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-2319
MEDIUM
Django MarkdownX 4.0.2 - Stored Cross-Site Scripting via Upload Functionality
Mar 08, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-2044
CRITICAL
pgAdmin4 < 8.4 - Unauthenticated Path Traversal and Remote Code Execution via Session Deserialization
Mar 07, 2024
CVSS 9.9
EPSS 0.83
CVE-2024-0818
CRITICAL
paddlepaddle < 2.6.0 - Arbitrary File Overwrite via Path Traversal
Mar 07, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-0917
CRITICAL
paddlepaddle 2.6.0 - Remote Code Execution
Mar 07, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-0815
HIGH
Paddlepaddle <2.6.0 - Command Injection
Mar 07, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-0817
HIGH
PaddlePaddle <2.6.0 - Command Injection
Mar 07, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-27287
MEDIUM
ESPHome 2023.12.9-2024.2.2 - Authenticated Stored Cross-Site Scripting via Dashboard Configuration File Edit
Mar 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-22889
HIGH
Plone 6.0.9 - Unauthenticated Arbitrary File Read via Crafted Request
Mar 06, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-28088
HIGH
langchain < 0.1.12 and langchain-core < 0.1.30 - Path Traversal via load_chain Path Parameter
Mar 04, 2024
CVSS 8.1
EPSS 0.13
CVE-2024-26280
MEDIUM
Apache Airflow < 2.8.2 - Authenticated Information Disclosure via Audit Log Permissions
Mar 01, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-27906
MEDIUM
Apache Airflow <2.8.2 - Info Disclosure
Feb 29, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-27083
MEDIUM
Flask-AppBuilder 4.1.4-4.2.1 - Cross-Site Scripting on OAuth Login Page
Feb 29, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-25128
CRITICAL
Flask-AppBuilder <4.3.11 - OpenID Authentication Bypass via Forged Provider Request
Feb 29, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-25170
CRITICAL
Mezzanine 6.0.0 - Incorrect Authorization via Host Header Manipulation
Feb 28, 2024
CVSS 9.1
EPSS 0.02
CVE-2024-25169
CRITICAL
Mezzanine 6.0.0 - Improper Access Control in Admin Panel
Feb 28, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-26016
MEDIUM
Apache Superset < 3.0.4, 3.1.0 - Authenticated Dashboard Ownership Takeover via Import
Feb 28, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-24779
MEDIUM
Apache Superset <3.0.4, >3.1.0-<3.1.1 - Info Disclosure
Feb 28, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-24773
MEDIUM
Apache Superset <3.0.4, >3.1.0-<3.1.1 - SQL Injection
Feb 28, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-24772
MEDIUM
Apache Superset <3.0.4, >3.1.0 - SQL Injection
Feb 28, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-27315
MEDIUM
Apache Superset <3.0.4, >3.1.0 - SQL Injection
Feb 28, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-1892
MEDIUM
scrapy < 2.11.1 - Denial of Service via XMLFeedSpider XML Parsing
Feb 28, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-25723
HIGH
NUCLEI
ZenML ZenML Server - Improper Authentication
Feb 27, 2024
CVSS 8.8
EPSS 0.90
CVE-2024-25711
HIGH
diffoscope < 256 - Directory Traversal via GPG Embedded Filename
Feb 27, 2024
CVSS 7.5
EPSS 0.05
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21
Quick Filters