pypi

4,998 tracked vulnerabilities.

CVE-2024-34069 HIGH
Werkzeug < 3.0.3 - Remote Code Execution via Debugger PIN Bypass
May 06, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-34064 MEDIUM
Jinja < 3.1.4 - Cross-Site Scripting via xmlattr Filter Key Injection
May 06, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-32982 HIGH
Litestar < 2.8.3, < 2.7.2, < 2.6.4 - Path Traversal in Static File Serving
May 06, 2024
CVSS 8.2
EPSS 0.01
CVE-2024-34529 MEDIUM
Nebari - Exposure of Sensitive Information via Keycloak Root Password
May 06, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-34528 HIGH
WordOps < 3.21.0 - Time-of-check Time-of-use Race Condition in Stack Pref Plugin
May 06, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-34510 HIGH
Gradio < 4.20.0 - Credential Leakage on Windows
May 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-34489 HIGH
Faucet SDN Ryu 4.34 - Denial of Service via OFPHello Length Zero
May 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-34488 HIGH
Faucet SDN Ryu 4.34 - Denial of Service via OFPMultipartReply Infinite Loop
May 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-34487 HIGH
Faucet SDN Ryu 4.34 - Denial of Service via OFPFlowStats Infinite Loop
May 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-34486 HIGH
Faucet SDN Ryu 4.34 - Denial of Service via OFPQueueProp.len Zero Value
May 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-34484 MEDIUM
Faucet SDN Ryu 4.34 - Denial of Service via OFPBucket Action Length Zero
May 05, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-34483 HIGH
Faucet SDN Ryu 4.34 - Denial of Service via OFPBucket.len=0
May 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-31636 LOW
LIEF 0.14.1 - Information Disclosure via Uninitialized Variable in machd_reader.c
May 03, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-34073 HIGH
sagemaker-python-sdk - Command Injection
May 03, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-34072 HIGH
sagemaker-python-sdk <2.218.0 - Code Injection
May 03, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-34062 MEDIUM
tqdm 4.4.0-4.66.2 - Remote Code Execution via CLI Argument Eval
May 03, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-4216 HIGH
pgAdmin4 < 8.6 - Cross-Site Scripting via /settings/store API Response
May 02, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-4215 HIGH
pgAdmin4 < 8.6 - Multi-Factor Authentication Bypass
May 02, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-34061 MEDIUM NUCLEI
changedetection.io <0.45.22 - Reflected XSS
May 02, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-30251 HIGH
aiohttp < 3.9.4 - Denial of Service via Crafted Multipart Form Data
May 02, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-3955 CRITICAL
Pypi Cbpi4 < 4.4.1.a1 - Code Injection
May 02, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-32882 LOW
Wagtail 6.0.0-6.0.3 - Permission Bypass via FieldPanel Permission Argument
May 02, 2024
CVSS 2.7
EPSS 0.00
CVE-2024-32979 HIGH
Nautobot 1.5.0-1.6.19 - Reflected Cross-Site Scripting via Filterable Object-List Views
May 01, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-4340 HIGH NUCLEI
sqlparse < 0.5.0 - Denial of Service via Recursive Parsing
Apr 30, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-32880 CRITICAL
pyload < 0.5.0 - Authenticated Remote Code Execution via Template Upload
Apr 26, 2024
CVSS 9.1
EPSS 0.01