pypi
4,718 tracked vulnerabilities.
CVE-2024-22190
HIGH
GitPython < 3.1.41 - Untrusted Search Path on Windows via Git or Bash Execution
Jan 11, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-21645
MEDIUM
NUCLEI
pyload < 0.5.0b3.dev77 - Unauthenticated Log Injection
Jan 08, 2024
CVSS 5.3
EPSS 0.73
CVE-2024-21644
HIGH
NUCLEI
pyload < 0.5.0b3.dev77 - Unauthenticated Information Exposure via Flask Config Endpoint
Jan 08, 2024
CVSS 7.5
EPSS 0.87
CVE-2024-21642
HIGH
D-Tale < 3.9.0 - Server-Side Request Forgery via Load From the Web Input
Jan 05, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21910
MEDIUM
TinyMCE < 5.10.0 - Unauthenticated Stored Cross-Site Scripting via Crafted Image or Link URLs
Jan 03, 2024
CVSS 6.1
EPSS 0.04
CVE-2023-7333
MEDIUM
records-mover < 1.6.0 - SQL Injection in Table Object Handler
Jan 07, 2026
CVSS 5.3
EPSS 0.00
CVE-2023-51232
HIGH
Dagster < 1.5.11 - Directory Traversal via /logs Endpoint
Jul 07, 2025
CVSS 7.5
EPSS 0.02
CVE-2023-25574
CRITICAL
jupyterhub-ltiauthenticator 1.3.0-1.4.0 - Improper Verification of Cryptographic Signature in LTI13Authenticator
Feb 25, 2025
CVSS 10.0
EPSS 0.00
CVE-2023-1907
HIGH
pgadmin < 7.0 - Unauthenticated Session Hijacking via LDAP Authentication
Jan 09, 2025
CVSS 8.0
EPSS 0.00
CVE-2023-6110
MEDIUM
python-openstackclient < 6.3.0 - Unauthenticated Access Rule Deletion via Non-Existent Rule Handling
Nov 17, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34049
MEDIUM
Salt < 3005.4 - Predictable Script Path Hijacking in Salt-SSH Pre-Flight
Nov 14, 2024
CVSS 6.7
EPSS 0.00
CVE-2023-33976
HIGH
TensorFlow < 2.13.0 - Denial of Service via array_ops.upper_bound Rank Check
Jul 30, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-49793
MEDIUM
CodeChecker < 6.23.0 - Authenticated Path Traversal via Mass Store Run Endpoint
Jun 24, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-46960
HIGH
PyPXE 1.8.4 - Denial of Service via TFTP Handle Function Buffer Overflow
Apr 29, 2024
CVSS 8.6
EPSS 0.02
CVE-2023-1000
MEDIUM
dcnnt-py < 0.9.1 - Remote Command Injection in Notification Handler
Apr 27, 2024
CVSS 6.3
EPSS 0.01
CVE-2023-29483
HIGH
eventlet < 0.35.2 - DNS Spoofing via Self-reported DNS Name Trust
Apr 11, 2024
CVSS 7.0
EPSS 0.08
CVE-2023-41334
HIGH
astropy < 5.3.3 - Remote Code Execution via TransformGraph().to_dot_graph savelayout Argument
Mar 18, 2024
CVSS 8.4
EPSS 0.03
CVE-2023-6681
MEDIUM
JWCrypto < 1.5.1 - Denial of Service via Excessive Resource Consumption
Feb 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-50782
HIGH
Python-cryptography - Info Disclosure
Feb 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-50781
HIGH
Red Hat Enterprise Linux - Observable Discrepancy in RSA Key Exchange
Feb 05, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-47116
MEDIUM
Label Studio < 1.11.0 - Server-Side Request Forgery via DNS Rebinding or HTTP Redirection
Jan 31, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-51702
MEDIUM
Apache Airflow 2.3.0-2.6.0 Sensitive Information Exposure in Deferrable Mode
Jan 24, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-50944
MEDIUM
Apache Airflow < 2.8.1 - Authenticated Unauthorized DAG Source Code Access
Jan 24, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-50943
HIGH
Apache Airflow < 2.8.1 - Deserialization of Untrusted Data via XCom Poisoning
Jan 24, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-47115
HIGH
NUCLEI
Label Studio < 1.9.2 - Authenticated Stored Cross-Site Scripting via Avatar Image Upload
Jan 23, 2024
CVSS 7.1
EPSS 0.03
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21
Quick Filters