Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Advisories
Low
Ecosystems: pypi
Packages: safeurl-python
Source: GitHub Advisory Database
Published: 2 days ago
GSA_kwCzR0hTQS1qZ2g4LXZjaHctcTNnN84AAxOa
Permissive regex leads to domain filter bypass

High
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 2 days ago
GSA_kwCzR0hTQS04djUzLTIzbXgtaGNmOc4AAxNf
Improper Certificate Validation in pyload-ng

Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 2 days ago
GSA_kwCzR0hTQS13Y202LXd2OTUtN2p3Ns4AAxNP
Cross-site Scripting in pyload-ng

High
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 2 days ago
GSA_kwCzR0hTQS1jNDY3LTVjMmctanA4Ns4AAxNO
Cross-site Scripting in modoboa

High
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 2 days ago
GSA_kwCzR0hTQS1qbTNtLXdyM3AtaGpycc4AAxNK
Cross-site Scripting in modoboa

High
Ecosystems: pypi
Packages: onnx
Source: GitHub Advisory Database
Published: 3 days ago
GSA_kwCzR0hTQS1mZnhqLTU0N3gtNWo3Y84AAxM0
Directory Traversal in onnx

Moderate
Ecosystems: pypi
Packages: spotipy
Source: GitHub Advisory Database
Published: 6 days ago
GSA_kwCzR0hTQS1xNzY0LWc2Zm0tNTU1ds4AAxIk
Path traversal in spotipy

Moderate
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 6 days ago
GSA_kwCzR0hTQS05YzY0LXgzY3gtdmdtbc4AAxIH
Cross-Site Request Forgery in modoboa

Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 6 days ago
GSA_kwCzR0hTQS02am14LXB2Nzctd201d84AAxHU
Excessive Attack Surface in pyload-ng

Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 7 days ago
GSA_kwCzR0hTQS14OXZjLTVxNzctbTd4NM4AAxHP
Improper Input Validation in pyload-ng

Moderate
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 10 days ago
GSA_kwCzR0hTQS1nMjk4LTU5cGctOTNoN84AAxEv
Cross-Site Request Forgery in modoboa

Moderate
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 10 days ago
GSA_kwCzR0hTQS12OWdqLTVyZ3AtdzMzcs4AAxEi
Modoboa is vulnerable to Cross-Site Request Forgery

High
Ecosystems: pypi
Packages: mechanize
Source: GitHub Advisory Database
Published: 11 days ago
GSA_kwCzR0hTQS1nM3B2LXBqNWYtM2hmcc4AAxCV
mechanize Regular Expression Denial of Service vulnerability

Moderate
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Published: 12 days ago
GSA_kwCzR0hTQS04OTRjLXJnN2YtM2M2Ms4AAxAt
pgAdmin 4 Open Redirect vulnerability

Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS05Zjg4LXdnNXItOTQ3as4AAw_i
Apache Superset vulnerable to Cross-site Scripting

High
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS03MjIyLXIzN3gtOHEzbc4AAw_j
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints

Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS03OXg1LWN2NzktNDlyas4AAw_k
Apache Superset is vulnerable to Cross-Site Scripting (XSS)

Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS1jeHZwLTNmcm0tMzg3Ns4AAw_h
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection

Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS1mY2c0LXBtNmgtOXh4Ms4AAw_q
Apache Superset Open Redirect vulnerability

Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS1mcG1yLXFtZ2gtNDJ4Ms4AAw_p
Apache Superset vulnerable to Injection

Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
GSA_kwCzR0hTQS04ZjVqLW1neDktNWhtNc4AAw_n
Apache Superset has Improper Access Control

Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 15 days ago
GSA_kwCzR0hTQS1wZjM4LTVwMjIteDZoNs4AAw-v
Code Injection in pyload-ng

Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 17 days ago
GSA_kwCzR0hTQS1ydjl4LXdtdzQtNDRxas4AAw74
Pyload Insufficient Session Expiration vulnerability

Moderate
Ecosystems: pypi
Packages: dompurify
Source: GitHub Advisory Database
Published: 17 days ago
GSA_kwCzR0hTQS1oNnAzLXA0dngtd3I4cc4AAw6h
dompurify vulnerable to Cross-site Scripting

Moderate
Ecosystems: pypi
Packages: dompurify
Source: GitHub Advisory Database
Published: 17 days ago
GSA_kwCzR0hTQS1wZ2p2LWpyZzItZ3Ezds4AAw6g
dompurify vulnerable to Cross-site Scripting

Moderate
Ecosystems: pypi
Packages: ldapcherry
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS12cTh3LXg4djctZjg4bc4AAwwG
LdapCherry Cross-site Scripting vulnerability

Moderate
Ecosystems: pypi
Packages: django-ucamlookup
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS1wang0LTNmM3AtMjl2M84AAwwC
django-ucamlookup Cross-site Scripting vulnerability

Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS1oOHI5LTQ2N3ItdmpqZs4AAwv-
pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames

Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS1tM2c3LXdycnEtdjVjOM4AAwv4
Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Moderate
Ecosystems: pypi
Packages: nsupdate
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1td3ZwLXFyNjItY3ZqeM4AAwok
nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

Moderate
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0yd3B3LWNtOXctdjR4bc4AAwnq
rdiffweb vulnerable to Business Logic Errors

High
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1oNXdwLWpycWMtY3d3eM4AAwnl
rdiffweb vulnerable to Open Redirect

Moderate
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xOTlwLTc4aHAteGc1Y84AAwni
Graphite Web Cross-site Scripting vulnerability

Moderate
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0zYzV4LTRodngtcXJycs4AAwnx
Graphite Web Cross-site Scripting vulnerability

Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1tOHI5LXF4eDgtbXJ4cM4AAwnn
rdiffweb Improper Access Control vulnerability

Moderate
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS04M3BtLTd2NDgtNWpwNM4AAwnu
rdiffweb vulnerable to Special Element Injection

Moderate
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS03cTRyLXg1cWctbW1jcM4AAwns
rdiffweb has no rate limit on resend email feature

Moderate
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1tOTczLTR2cGMteDQzY84AAwnf
Graphite Web Cross-site Scripting vulnerability

High
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS13ZjMzLTZ4MzMtd2NmOc4AAwnp
rdiffweb vulnerable to Authentication Bypass by Primary Weakness

High
Ecosystems: pypi
Packages: Sentinelone, SentineloneSDK, sentinelone-sdk, SentinelOne
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1nODZqLWh3ZzktNzdxNc4AAwnd
SentinelOne impersonated via PyPI packages

Moderate
Ecosystems: pypi
Packages: binwalk
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS04bTNmLWc2MmotM3Z4OM4AAwnb
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following

High
Ecosystems: pypi
Packages: slixmpp
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xNmNxLW05Z20tNnEyZs4AAwlX
Slixmpp lacks SSL Certificate hostname validation in XMLStream

High
Ecosystems: pypi
Packages: setuptools
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1yOWh4LXZ3bXYtcTU3Oc4AAwjs
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)

High
Ecosystems: pypi
Packages: future
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS12M2M1LWpxcjYtN3FtOM4AAwjq
Python Charmers Future denial of service vulnerability

High
Ecosystems: pypi
Packages: wheel
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xd21wLTJjZjItZzlnNs4AAwjr
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)

Moderate
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02MzlmLWh4Y3YtODRtY84AAwgc
rdiffweb Open Redirect vulnerability

Moderate
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS04NWZwLTUyM3EtNXh3Y84AAwgY
rdiffweb vulnerable to Cross-Site Request Forgery

Moderate
Ecosystems: pypi
Packages: collective.contact.widget
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS01cHFmLXJ2bTctM3dnd84AAwgU
collective.contact.widget is vulnerable to cross-site scripting

Critical
Ecosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1yYzU4LXFyOWotY3Bnd84AAwbo
Apache Airflow Hive Provider vulnerable to Command Injection

Moderate
Ecosystems: pypi
Packages: django-termsandconditions
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02cm1mLWN2NnAtNGgyN84AAwY0
Terms and Conditions Module vulnerable to Open Redirect

High
Ecosystems: pypi
Packages: ubi-reader
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1oYzM3LTg0djMtOGdtcc4AAwYx
UBI Reader vulnerable to Path Traversal

Moderate
Ecosystems: pypi
Packages: collective.task
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS00cjloLXg3N3ctbWZmds4AAwXT
collective.task Cross-site Scripting vulnerability

Moderate
Ecosystems: pypi
Packages: django-photologue
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0yODdxLWpmY3AtOXZods4AAwXV
django-photologue vulnerable to Cross-site Scripting

Moderate
Ecosystems: pypi
Packages: collective.dms.basecontent
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1yNDhjLTR2ZmotaDQyNs4AAwV6
collective.dms.basecontent Cross-site Scripting vulnerability

High
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS0zdjZ2LTJ4NnAtMzJtY84AAwUE
pgadmin4 vulnerable to Code Injection

Moderate
Ecosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1qdjg1LW1xeGotM2Y5as4AAwRp
Sentry vulnerable to invite code reuse via cookie manipulation

Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1nNTk0LTU1bXAtZjZxOM4AAwRe
Improper Privilege Management in rdiffweb

Moderate
Ecosystems: pypi
Packages: pyRdfa3
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS04OTRxLXdwZzUtbWYyaM4AAwO_
pyRdfa3 Cross-site Scripting vulnerability

Moderate
Ecosystems: pypi
Packages: certifi
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS00M2ZwLXJodjItNWd2OM4AAwM2
Certifi removing TrustCor root certificate

Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1nY2pmLTI5bTktODg4cc4AAwMe
PaddlePaddle vulnerable to Code Injection

Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS0yaHZjLWh3ZzMtaHB2d84AAwMf
PaddlePaddle Out-of-bounds Read vulnerability

Critical
Ecosystems: pypi
Packages: py7zr
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1tOHh3LTl4NXgtNnZoM84AAwLr
py7zr directory traversal vulnerability

Moderate
Ecosystems: pypi
Packages: Passeo
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1taGhmLXZnd2gtZnc5aM4AAwLn
Passeo uses insecure random number generator

High
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1oY3BqLXFwNTUtZ2ZwaM4AAwKi
GitPython vulnerable to Remote Code Execution due to improper user input validation

Moderate
Ecosystems: pypi
Packages: guarddog
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS03OG01LWpwbWYtY2g3ds4AAwJ6
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package

High
Ecosystems: pypi
Packages: xblock-drag-and-drop-v2
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1xdjZjLTM2N3ItM3c2cc4AAwIQ
XBlock vulnerable to Cross-Site Scripting (XSS)

Moderate
Ecosystems: pypi
Packages: guarddog
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1ycDJ2LXY0NjctcTl2cc4AAwIO
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package

Low
Ecosystems: pypi
Packages: bitlyshortener
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1nZ3JoLWdyajMtdmZ2d84AAwEF
Package discontinued because Bitly lowered the free quota

Low
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED
Temporary File Information Disclosure vulnerability in MPXJ

Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS04M2c3LThmY2gtcDM3bc4AAwDL
PaddlePaddle vulnerable to code injection via winstr

Critical
Ecosystems: pypi
Packages: torch
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS00N2ZjLXZtd3EtMzY2ds4AAwDK
PyTorch vulnerable to arbitrary code execution

Critical
Ecosystems: pypi
Packages: wger
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1ncjU4LTc2cnAtbW1nNM4AAwCL
wger vulnerable to brute force attempts

High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS03d3FmLWgzNnctNDdtY84AAwAE
OS Command Injection in Apache Airflow

High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1jbTQzLWYycHYtNnY2OM4AAwAB
OS Command Injection in Apache Airflow

Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1ybWYyLXB3ZnEtaDc1as4AAwAD
OS Command Injection in Apache Airflow

Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS00NXI2LWozY2MtNm14eM4AAwAC
OS Command Injection in Apache Airflow

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS04dzVnLTN3Y3YtOWcyas4AAv_l
Tensorflow vulnerable to Out-of-Bounds Read

Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1jcXZxLWZ2aHItdjZoY84AAv_Z
`CHECK` failure in `SobolSample` via missing validation

Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS14ZjgzLXE3NjUteG02bc4AAv_Y
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode

Moderate
Ecosystems: pypi
Packages: tensorflow-cpu, tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1wZjM2LXI5YzYtaDk3as4AAv_H
Invalid char to bool conversion when printing a tensor

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1mcnFwLXdwODMtcWdnds4AAv_G
Heap overflow in `QuantizeAndDequantizeV2`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1yang2LXY0NzQtMmNoOc4AAv_F
Segfault in `CompositeTensorVariantToComponents`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1tdjc3LTlnMjgtY3dnM84AAv_E
`CHECK` fail via inputs in `PyFunc`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS0zNjh2LTd2MzItNTJmeM4AAv_D
Overflow in `ResizeNearestNeighborGrad`

High
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1jZzg4LXJwdnAtY2p2Nc4AAv_C
Out of bounds write in grappler in Tensorflow

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1nOWZtLXI1bW0tcmY5Zs4AAv_B
`CHECK_EQ` fail via input in `SparseMatrixNNZ`

High
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS14dndwLWg2anYtNzQ3Ms4AAv_A
FractionalMaxPool and FractionalAVGPool heap out-of-bounds access

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS0yN3JjLTcyOGYteDV3Ms4AAv-_
`CHECK` fail via inputs in `SdcaOptimizer`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1ocTdnLXd3d3AtcTQ2aM4AAv--
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1mMnc4LWp3NDgtZnI3as4AAv-9
`FractionalMaxPoolGrad` Heap out of bounds read

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1ybWcyLWY2OTgtd3EzNc4AAv-8
`tf.raw_ops.Mfcc` crashes

Moderate
Ecosystems: pypi
Packages: kiwitcms
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1oZjk0LThteDUtMnZ2as4AAv-5
Cross-site Scripting in kiwitcms

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1ncTJqLWNyOTYtZ3ZxeM4AAv-2
`MirrorPadGrad` heap out of bounds read

High
Ecosystems: pypi
Packages: tflite
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1oNnEzLXZ2MzItMmNxNc4AAv-1
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS02N3BmLTYyeHItcTM1bc4AAv-0
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS02NnZxLTU0ZnEtNmp2ds4AAv-z
Segfault in `tf.raw_ops.TensorListConcat`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1oMjQ2LWNnaDQtNzQ3Nc4AAv-y
`CHECK` fail in `BCast` overflow

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS14eGNqLXJocWctbTQ2Z84AAv-x
Segfault via invalid attributes in `pywrap_tfe_src.cc`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS02eDk5LWd2MnYtcTc2ds4AAv-w
FPE in `tf.image.generate_bounding_box_proposals`

Moderate
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS04ZnZ2LTQ2aHctdnBnM84AAv-v
Overflow in `tf.keras.losses.poisson`
