pypi

4,718 tracked vulnerabilities.

CVE-2023-49657 CRITICAL
Apache Superset < 3.0.3 - Authenticated Stored Cross-Site Scripting in Chart or Dashboard
Jan 23, 2024
CVSS 9.6
EPSS 0.00
CVE-2023-50447 HIGH
Pillow < 10.1.0 - Remote Code Execution via PIL.ImageMath.eval Environment Parameter
Jan 19, 2024
CVSS 8.1
EPSS 0.01
CVE-2023-6395 MEDIUM
Mock - Privilege Escalation
Jan 16, 2024
CVSS 6.7
EPSS 0.01
CVE-2023-46226 CRITICAL
Apache IoTDB 1.0.0-1.2.2 - Remote Code Execution
Jan 15, 2024
CVSS 9.8
EPSS 0.03
CVE-2023-52289 HIGH
flaskcode < 0.0.8 - Unauthenticated Path Traversal and Arbitrary File Write via /update-resource-data Endpoint
Jan 13, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-52288 HIGH
flaskcode < 0.0.8 - Unauthenticated Path Traversal via /resource-data Endpoint
Jan 13, 2024
CVSS 7.5
EPSS 0.01
CVE-2023-45139 HIGH
fonttools 4.28.2-4.42.9 - XML External Entity Injection via SVG Table Parsing
Jan 10, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-50974 MEDIUM
Appwrite CLI < 3.0.0 - Unprotected Credential Exposure via Prefs.json File
Jan 09, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-47890 HIGH
pyload 0.5.0 - Unauthenticated Path Traversal via Unrestricted File Upload
Jan 08, 2024
CVSS 8.8
EPSS 0.00
CVE-2023-52323 MEDIUM
PyCryptodome and PyCryptodomeX < 3.19.1 - Side-Channel Leakage for OAEP Decryption
Jan 05, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-52314 CRITICAL
PaddlePaddle < 2.6.0 - OS Command Injection via convert_shape_compare
Jan 03, 2024
CVSS 9.6
EPSS 0.00
CVE-2023-52313 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via FPE in paddle.argmin and paddle.argmax
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-52312 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via Null Pointer Dereference in paddle.crop
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-52311 CRITICAL
PaddlePaddle < 2.6.0 - OS Command Injection via _wget_download
Jan 03, 2024
CVSS 9.6
EPSS 0.00
CVE-2023-52310 CRITICAL
PaddlePaddle < 2.6.0 - OS Command Injection via get_online_pass_interval
Jan 03, 2024
CVSS 9.6
EPSS 0.00
CVE-2023-52309 HIGH
PaddlePaddle < 2.6.0 - Heap Buffer Overflow in paddle.repeat_interleave
Jan 03, 2024
CVSS 8.2
EPSS 0.00
CVE-2023-52308 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via paddle.amin Divide By Zero
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-52307 HIGH
PaddlePaddle < 2.6.0 - Stack Overflow in paddle.linalg.lu_unpack
Jan 03, 2024
CVSS 8.2
EPSS 0.00
CVE-2023-52306 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via paddle.lerp Divide By Zero
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-52305 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via Floating-Point Exception in paddle.topk
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-52304 HIGH
PaddlePaddle < 2.6.0 - Stack Overflow in paddle.searchsorted
Jan 03, 2024
CVSS 8.2
EPSS 0.00
CVE-2023-52303 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via Null Pointer Dereference in paddle.put_along_axis
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-52302 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via Null Pointer Dereference in paddle.nextafter
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-38678 MEDIUM
PaddlePaddle < 2.6.0 - Denial of Service via Out-of-Bounds Read in paddle.mode
Jan 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-38677 MEDIUM
PaddlePaddle < 2.6.0 - Memory Corruption
Jan 03, 2024
CVSS 4.7
EPSS 0.00