pypi

5,009 tracked vulnerabilities.

CVE-2023-42663 MEDIUM
Apache Airflow < 2.7.2 - Authenticated Exposure of Sensitive Task Instance Information
Oct 14, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-45853 CRITICAL
zlib < 1.3.1 - Heap-Based Buffer Overflow via MiniZip Long Filename
Oct 14, 2023
CVSS 9.8
EPSS 0.03
CVE-2023-41882 MEDIUM
vantage6 < 4.0.0 - Improper Access Control in Task Collection Endpoint
Oct 11, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-41881 LOW
vantage6 < 4.0.0 - Authenticated Exposure of Sensitive Information via Collaboration ID Reuse
Oct 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-28635 MEDIUM
vantage6 < 4.0.0 - Incorrect Authorization via Integer Resource Name
Oct 11, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-23930 MEDIUM
vantage6 < 4.0.2 - Remote Code Execution via Pickle Deserialization
Oct 11, 2023
CVSS 5.5
EPSS 0.01
CVE-2023-45129 MEDIUM
Synapse < 1.94.0 - Denial of Service via Malicious Server ACL Event
Oct 10, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-36566 MEDIUM
Microsoft Common Data Model SDK - DoS
Oct 10, 2023
CVSS 6.5
EPSS 0.03
CVE-2023-44467 CRITICAL
LangChain <0.0.306 - Command Injection
Oct 09, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-41047 MEDIUM
OctoPrint <= 1.9.2 - Authenticated Remote Code Execution via GCODE Script Rendering
Oct 09, 2023
CVSS 6.2
EPSS 0.01
CVE-2023-43810 HIGH
OpenTelemetry < 0.41b0 - Uncontrolled Resource Consumption via HTTP Method Label
Oct 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-4570 HIGH
NI MeasurementLink <1.1.0 - Info Disclosure
Oct 05, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-44389 LOW
Zope 4.0-4.8.10 - Stored Cross-Site Scripting in Title Property
Oct 04, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-43804 MEDIUM
urllib3 <1.26.17, <2.0.5 - Info Disclosure
Oct 04, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-4237 HIGH
Ansible Automation Platform - Info Disclosure
Oct 04, 2023
CVSS 7.3
EPSS 0.00
CVE-2023-26151 MEDIUM
freeopcua/opcua-asyncio < 0.9.96 - Denial of Service via Malformed Packet
Oct 03, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-26150 MEDIUM
asyncua <0.9.96 - Improper Authentication
Oct 03, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-44463 MEDIUM
pretix < 2023.7.1 - IP Address Spoofing via X-Forwarded-For Header
Oct 02, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-5289 HIGH
rdiffweb < 2.8.4 - Denial of Service via Resource Exhaustion
Sep 29, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-44464 HIGH
pretix < 2023.7.2 - Unauthenticated Arbitrary File Read via EPS File Parsing
Sep 29, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-43654 CRITICAL NUCLEI
TorchServe 0.1.0-0.8.1 - Server-Side Request Forgery via Model URL Parameter
Sep 28, 2023
CVSS 10.0
EPSS 0.35
CVE-2023-26145 HIGH
pydash < 6.0.0 - OS Command Injection via Deep Path String Manipulation
Sep 28, 2023
CVSS 7.4
EPSS 0.03
CVE-2023-42460 MEDIUM
vyper 0.3.4-0.3.9 - Incorrect Calculation in _abi_decode()
Sep 27, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-42453 LOW
Synapse >=1.34.0 <1.93.0 - Improper Authorization via Forged Read Receipts
Sep 27, 2023
CVSS 3.1
EPSS 0.01
CVE-2023-41335 LOW
Synapse 1.66.0-1.93.0 - Cleartext Storage of Sensitive Information in Database
Sep 27, 2023
CVSS 3.7
EPSS 0.00