pypi
4,998 tracked vulnerabilities.
CVE-2023-6709
HIGH
mlflow/mlflow <2.9.2 - Info Disclosure
Dec 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-50423
CRITICAL
SAP XSSEC < 4.1.0 - Unauthenticated Privilege Escalation
Dec 12, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-49796
MEDIUM
mindsdb < 23.11.4.1 - Limited File Write via file.py
Dec 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-49795
MEDIUM
MindsDB < 23.11.4.1 - Server-Side Request Forgery in file.py
Dec 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-49797
HIGH
PyInstaller < 5.13.1 - Unauthenticated Arbitrary File Deletion via Temporary File Symlink Race Condition
Dec 09, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-48311
HIGH
dockerspawner 0.11.0-12.x - Unauthenticated Arbitrary Docker Image Execution via Missing allowed_images Configuration
Dec 08, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-6568
MEDIUM
NUCLEI
MLflow < 2.9.0 - Reflected Cross-Site Scripting via Content-Type Header
Dec 07, 2023
CVSS 6.1
EPSS 0.02
CVE-2023-26154
MEDIUM
PubNub <7.4.0, <6.19.0, <7.3.0, <6.1.0, <5.3.0, <0.4.0 - Path Trave...
Dec 06, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-49297
LOW
PyDrive2 <1.16.2 - Arbitrary Code Execution via Unsafe YAML Deserialization
Dec 05, 2023
CVSS 3.3
EPSS 0.01
CVE-2023-43472
HIGH
NUCLEI
MLFlow < 2.8.1 - Information Disclosure via REST API
Dec 05, 2023
CVSS 7.5
EPSS 0.37
CVE-2023-49080
LOW
jupyter_server < 2.11.2 - Authenticated Sensitive Information Exposure via API Error Traceback
Dec 04, 2023
CVSS 3.5
EPSS 0.01
CVE-2023-49277
HIGH
dpaste < 3.8 - Reflected Cross-Site Scripting via Expires Parameter
Dec 01, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-49081
HIGH
aiohttp < 3.9.0 - HTTP Request Smuggling via HTTP Version Manipulation
Nov 30, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-49082
MEDIUM
aiohttp < 3.9.0 - HTTP Request Smuggling via CRLF Injection
Nov 29, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-49083
MEDIUM
cryptography 3.1-41.0.5 - Denial of Service via PKCS7 Certificate Deserialization
Nov 29, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-42504
MEDIUM
Apache Superset < 3.0.0 - Authenticated Denial of Service via Concurrent Dashboard Export Requests
Nov 28, 2023
CVSS 5.8
EPSS 0.01
CVE-2023-42505
MEDIUM
Apache Superset < 3.0.0 - Authenticated Exposure of Sensitive Database Connection Information
Nov 28, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-42502
MEDIUM
Apache Superset < 3.0.0 - Authenticated Open Redirect via HTTP Host Header Spoofing
Nov 28, 2023
CVSS 4.8
EPSS 0.01
CVE-2023-48022
CRITICAL
NUCLEI
Anyscale Ray 2.6.3 and 2.8.0 - Remote Code Execution via Job Submission API
Nov 28, 2023
CVSS 9.8
EPSS 0.82
CVE-2023-43701
MEDIUM
Apache Superset <2.1.2 - Code Injection
Nov 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-42501
MEDIUM
Apache Superset < 2.1.2 - Authenticated Unnecessary Read Permissions in Gamma Role
Nov 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40610
MEDIUM
Apache Superset <2.1.2 - Privilege Escalation
Nov 27, 2023
CVSS 6.3
EPSS 0.01
CVE-2023-48796
HIGH
Apache DolphinScheduler - Info Disclosure
Nov 24, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-48705
HIGH
Nautobot < 1.6.6 and 2.0.0-2.0.4 - Stored Cross-Site Scripting via Custom Links and Job Buttons
Nov 22, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-37924
CRITICAL
Apache Submarine 0.7.0-0.7.9 - SQL Injection via Login
Nov 22, 2023
CVSS 9.8
EPSS 0.07
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters