pypi
4,718 tracked vulnerabilities.
CVE-2023-50715
MEDIUM
Home Assistant < 2023.12.3 - Unauthenticated User Account Enumeration via LAN Login Page
Dec 15, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-6831
HIGH
NUCLEI
MLflow < 2.9.2 - Path Traversal via Backslash-Dot-Dot-Slash Sequence
Dec 15, 2023
CVSS 8.1
EPSS 0.74
CVE-2023-6572
HIGH
gradio-app/gradio <main - Command Injection
Dec 14, 2023
CVSS 8.1
EPSS 0.02
CVE-2023-6569
HIGH
h2o - Path Traversal
Dec 14, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-50248
MEDIUM
CKAN <2.9.10-2.10.3 - Memory Corruption
Dec 13, 2023
CVSS 4.5
EPSS 0.00
CVE-2023-46247
HIGH
vyper < 0.3.8 - Incorrect Storage Slot Calculation via Floating-Point Rounding Error
Dec 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-6753
HIGH
MLflow < 2.9.2 - Path Traversal
Dec 13, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-50263
LOW
Nautobot 1.x-2.0.x < 1.6.7/2.0.6 - Unauthenticated Arbitrary File Download via FileProxy Endpoints
Dec 12, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-5764
HIGH
Ansible < 2.14.12 and 2.16.0-2.16.1 - Template Injection via Unsafe Data Handling
Dec 12, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-43364
CRITICAL
searchor < 2.4.2 - Remote Code Execution via CLI Input
Dec 12, 2023
CVSS 9.8
EPSS 0.30
CVE-2023-35625
MEDIUM
Azure Machine Learning SDK < 1.5.0 - Exposure of Sensitive Information
Dec 12, 2023
CVSS 4.7
EPSS 0.01
CVE-2023-6709
HIGH
mlflow/mlflow <2.9.2 - Info Disclosure
Dec 12, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-50423
CRITICAL
SAP XSSEC < 4.1.0 - Unauthenticated Privilege Escalation
Dec 12, 2023
CVSS 9.1
EPSS 0.00
CVE-2023-49796
MEDIUM
mindsdb < 23.11.4.1 - Limited File Write via file.py
Dec 11, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-49795
MEDIUM
MindsDB < 23.11.4.1 - Server-Side Request Forgery in file.py
Dec 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-49797
HIGH
PyInstaller < 5.13.1 - Unauthenticated Arbitrary File Deletion via Temporary File Symlink Race Condition
Dec 09, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-48311
HIGH
dockerspawner 0.11.0-12.x - Unauthenticated Arbitrary Docker Image Execution via Missing allowed_images Configuration
Dec 08, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-6568
MEDIUM
NUCLEI
MLflow < 2.9.0 - Reflected Cross-Site Scripting via Content-Type Header
Dec 07, 2023
CVSS 6.1
EPSS 0.33
CVE-2023-26154
MEDIUM
PubNub <7.4.0, <6.19.0, <7.3.0, <6.1.0, <5.3.0, <0.4.0 - Path Trave...
Dec 06, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-49297
LOW
PyDrive2 <1.16.2 - Arbitrary Code Execution via Unsafe YAML Deserialization
Dec 05, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-43472
HIGH
NUCLEI
MLFlow < 2.8.1 - Information Disclosure via REST API
Dec 05, 2023
CVSS 7.5
EPSS 0.73
CVE-2023-49080
LOW
jupyter_server < 2.11.2 - Authenticated Sensitive Information Exposure via API Error Traceback
Dec 04, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-49277
HIGH
dpaste < 3.8 - Reflected Cross-Site Scripting via Expires Parameter
Dec 01, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-49081
HIGH
aiohttp < 3.9.0 - HTTP Request Smuggling via HTTP Version Manipulation
Nov 30, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-49082
MEDIUM
aiohttp < 3.9.0 - HTTP Request Smuggling via CRLF Injection
Nov 29, 2023
CVSS 5.3
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21
Quick Filters