pypi
5,009 tracked vulnerabilities.
CVE-2023-46215
HIGH
Apache Airflow <2.6.3, <3.4.0 - Info Disclosure
Oct 28, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-46137
MEDIUM
Twisted <23.10.0rc1 - Info Disclosure
Oct 25, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-46134
MEDIUM
D-Tale < 3.7.0 - Remote Code Execution via Custom Filter Input
Oct 25, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-5752
MEDIUM
pip < 23.3 - Command Injection via Mercurial VCS URL Configuration
Oct 25, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-46136
HIGH
Werkzeug < 2.3.8 and 3.0.0 - Denial of Service via Crafted Multipart Data
Oct 25, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-46128
MEDIUM
Nautobot 2.0.0-2.0.2 - Authenticated Exposure of Hashed User Passwords via REST API Depth Parameter
Oct 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-46126
LOW
Fides < 2.22.1 - Authenticated Stored Cross-Site Scripting via Privacy Policy URL
Oct 25, 2023
CVSS 3.9
EPSS 0.01
CVE-2023-46125
MEDIUM
Fides < 2.22.1 - Unauthorized Exposure of Sensitive Configuration via API Endpoint
Oct 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-46124
HIGH
Fides < 2.22.1 - Server-Side Request Forgery via YAML Dataset and Config Files
Oct 25, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-46288
MEDIUM
Apache Airflow <2.7.0 - Info Disclosure
Oct 23, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-32786
HIGH
Langchain < 0.0.155 - Server-Side Request Forgery via Prompt Injection
Oct 20, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-45805
HIGH
PDM 2.0.0-2.9.3 - Dependency Confusion via Malicious pdm.lock File
Oct 20, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-5690
HIGH
modoboa < 2.2.2 - Cross-Site Request Forgery
Oct 20, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-5689
MEDIUM
modoboa < 2.2.2 - DOM-based Cross-Site Scripting
Oct 20, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-5688
MEDIUM
modoboa < 2.2.2 - DOM-Based Cross-Site Scripting
Oct 20, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-41893
MEDIUM
Home Assistant < 2023.9.0 - Unauthenticated Exposure of Sensitive Information via OAuth Redirect URI Manipulation
Oct 20, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-45815
MEDIUM
ArchiveBox < 0.6.2 - Stored Cross-Site Scripting via Wget Extractor
Oct 19, 2023
CVSS 6.4
EPSS 0.01
CVE-2023-44690
HIGH
mycli 1.27.0 - Inadequate Encryption Strength in Config File
Oct 19, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-45809
LOW
Wagtail < 4.1.9 - Authenticated Information Disclosure via User Account Bulk Action URL
Oct 19, 2023
CVSS 2.7
EPSS 0.00
CVE-2023-46229
HIGH
langchain < 0.0.317 - Server-Side Request Forgery via Recursive URL Loader
Oct 19, 2023
CVSS 8.8
EPSS 0.45
CVE-2023-45813
MEDIUM
Torbot < 4.0.0 - Denial of Service via Inefficient URL Validation Regex
Oct 18, 2023
CVSS 4.6
EPSS 0.01
CVE-2023-45803
MEDIUM
urllib3 < 1.26.18 and 2.0.0-2.0.7 - Exposure of Sensitive Information via HTTP Redirect
Oct 17, 2023
CVSS 4.2
EPSS 0.01
CVE-2023-45348
MEDIUM
Apache Airflow 2.7.0-2.7.1 - Authenticated Exposure of Sensitive Configuration Information
Oct 14, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-42792
MEDIUM
Apache Airflow < 2.7.2 - Authenticated DAG Resource Access Control Bypass
Oct 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-42780
MEDIUM
Apache Airflow < 2.7.2 - Authenticated Exposure of Sensitive Information via DAG Warning List
Oct 14, 2023
CVSS 6.5
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters