pypi
4,998 tracked vulnerabilities.
CVE-2024-23732
HIGH
embedchain < 0.1.57 - Denial of Service via JSON Loader ReDoS
Jan 21, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23731
CRITICAL
embedchain < 0.1.57 - Remote Code Execution via OpenAPI Loader YAML Deserialization
Jan 21, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-23730
CRITICAL
LlamaHub < 0.0.67 - Remote Code Execution via YAML Deserialization in OpenAPI and ChatGPT Plugin Loaders
Jan 21, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-0521
HIGH
Paddlepaddle paddle - Code Injection
Jan 20, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-22421
HIGH
JupyterLab <4.1.0b2-3.6.7 - Info Disclosure
Jan 19, 2024
CVSS 7.6
EPSS 0.01
CVE-2024-22420
MEDIUM
JupyterLab <4.0.11 - Privilege Escalation
Jan 19, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-23329
LOW
changedetection.io 0.39.14-0.45.13 - Unauthenticated Watch History Exposure via API Endpoint
Jan 19, 2024
CVSS 3.7
EPSS 0.01
CVE-2024-22415
HIGH
jupyter-lsp < 2.2.2 - Unauthenticated Improper Access Control
Jan 18, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-22419
HIGH
vyper < 0.3.10 and >=0.3.0 <0.4.0 - Buffer Overflow in concat Built-in
Jan 18, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-0669
MEDIUM
Plone < 6.0.5 - Cross-Frame Scripting via Malicious URL
Jan 18, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-22416
CRITICAL
pyload-ng < 0.5.0b3.dev78 - Unauthenticated Cross-Site Request Forgery via GET API Requests
Jan 18, 2024
CVSS 9.6
EPSS 0.01
CVE-2024-21669
CRITICAL
Hyperledger Aries Cloud Agent Python 0.7.0-0.10.4 - Cryptographic Signature Verification Bypass
Jan 11, 2024
CVSS 9.9
EPSS 0.01
CVE-2024-22195
MEDIUM
Jinja < 3.1.3 - Cross-Site Scripting via xmlattr Filter
Jan 11, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-22194
LOW
cdo-local-uuid <0.4.0 - Info Disclosure
Jan 11, 2024
CVSS 2.2
EPSS 0.00
CVE-2024-22190
HIGH
GitPython < 3.1.41 - Untrusted Search Path on Windows via Git or Bash Execution
Jan 11, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-21645
MEDIUM
NUCLEI
pyload < 0.5.0b3.dev77 - Unauthenticated Log Injection
Jan 08, 2024
CVSS 5.3
EPSS 0.25
CVE-2024-21644
HIGH
NUCLEI
pyload < 0.5.0b3.dev77 - Unauthenticated Information Exposure via Flask Config Endpoint
Jan 08, 2024
CVSS 7.5
EPSS 0.42
CVE-2024-21642
HIGH
D-Tale < 3.9.0 - Server-Side Request Forgery via Load From the Web Input
Jan 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21910
MEDIUM
TinyMCE < 5.10.0 - Unauthenticated Stored Cross-Site Scripting via Crafted Image or Link URLs
Jan 03, 2024
CVSS 6.1
EPSS 0.01
CVE-2023-7333
MEDIUM
records-mover < 1.6.0 - SQL Injection in Table Object Handler
Jan 07, 2026
CVSS 5.3
EPSS 0.00
CVE-2023-51232
HIGH
Dagster < 1.5.11 - Directory Traversal via /logs Endpoint
Jul 07, 2025
CVSS 7.5
EPSS 0.01
CVE-2023-25574
CRITICAL
jupyterhub-ltiauthenticator 1.3.0-1.4.0 - Improper Verification of Cryptographic Signature in LTI13Authenticator
Feb 25, 2025
CVSS 10.0
EPSS 0.00
CVE-2023-1907
HIGH
pgadmin < 7.0 - Unauthenticated Session Hijacking via LDAP Authentication
Jan 09, 2025
CVSS 8.0
EPSS 0.00
CVE-2023-6110
MEDIUM
python-openstackclient < 6.3.0 - Unauthenticated Access Rule Deletion via Non-Existent Rule Handling
Nov 17, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34049
MEDIUM
Salt < 3005.4 - Predictable Script Path Hijacking in Salt-SSH Pre-Flight
Nov 14, 2024
CVSS 6.7
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters