pypi
4,998 tracked vulnerabilities.
CVE-2023-47037
MEDIUM
Apache Airflow < 2.7.3 - Authenticated DAG Run Detail Modification via Notes Submission
Nov 12, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-42781
MEDIUM
Apache Airflow < 2.7.3 - Authenticated Exposure of Sensitive Task Instance Information
Nov 12, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-47128
CRITICAL
piccolo < 1.1.1 - SQL Injection via Savepoint Name Parameter
Nov 10, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-46894
HIGH
esptool 4.6.2 - Inadequate Encryption Strength
Nov 09, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-43791
CRITICAL
Label Studio <1.8.2 - Privilege Escalation
Nov 09, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-47248
CRITICAL
NUCLEI
PyArrow 0.14.0-14.0.0 - Remote Code Execution via Untrusted Data Deserialization
Nov 09, 2023
CVSS 9.8
EPSS 0.14
CVE-2023-47114
MEDIUM
Fides 2.15.1-2.23.2 - Stored Cross-Site Scripting in Data Subject Access Request Package
Nov 08, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-44271
HIGH
Pillow < 10.0.0 - Denial of Service via Truetype Font Memory Allocation
Nov 03, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-43665
HIGH
Django <3.2.22, <4.1.12, <4.2.6 - DoS
Nov 03, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41164
HIGH
Django <3.2.21-<4.1.11-<4.2.5 - DoS
Nov 03, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-47204
CRITICAL
transmute-core < 1.13.5 - Remote Code Execution via YAML Deserialization
Nov 02, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-46695
HIGH
Django 3.2-3.2.22, 4.1-4.1.12, 4.2-4.2.6 - Denial of Service via NFKC Unicode Normalization
Nov 02, 2023
CVSS 7.5
EPSS 0.50
CVE-2023-43796
MEDIUM
Synapse <1.95.1-1.96.0rc1 - Info Disclosure
Oct 31, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-46250
MEDIUM
pypdf 3.7.0-3.16.4 - Denial of Service via Infinite Loop
Oct 31, 2023
CVSS 5.1
EPSS 0.00
CVE-2023-46215
HIGH
Apache Airflow <2.6.3, <3.4.0 - Info Disclosure
Oct 28, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-46137
MEDIUM
Twisted <23.10.0rc1 - Info Disclosure
Oct 25, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-46134
MEDIUM
D-Tale < 3.7.0 - Remote Code Execution via Custom Filter Input
Oct 25, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-5752
MEDIUM
pip < 23.3 - Command Injection via Mercurial VCS URL Configuration
Oct 25, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-46136
HIGH
Werkzeug < 2.3.8 and 3.0.0 - Denial of Service via Crafted Multipart Data
Oct 25, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-46128
MEDIUM
Nautobot 2.0.0-2.0.2 - Authenticated Exposure of Hashed User Passwords via REST API Depth Parameter
Oct 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-46126
LOW
Fides < 2.22.1 - Authenticated Stored Cross-Site Scripting via Privacy Policy URL
Oct 25, 2023
CVSS 3.9
EPSS 0.01
CVE-2023-46125
MEDIUM
Fides < 2.22.1 - Unauthorized Exposure of Sensitive Configuration via API Endpoint
Oct 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-46124
HIGH
Fides < 2.22.1 - Server-Side Request Forgery via YAML Dataset and Config Files
Oct 25, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-46288
MEDIUM
Apache Airflow <2.7.0 - Info Disclosure
Oct 23, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32786
HIGH
Langchain < 0.0.155 - Server-Side Request Forgery via Prompt Injection
Oct 20, 2023
CVSS 7.5
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters