Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

Low
GSA_kwCzR0hTQS1qZ2g4LXZjaHctcTNnN84AAxOa
Permissive regex leads to domain filter bypass
Ecosystems: pypi
Packages: safeurl-python
Source: GitHub Advisory Database
Published: 2 days ago
High
GSA_kwCzR0hTQS04djUzLTIzbXgtaGNmOc4AAxNf
Improper Certificate Validation in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS13Y202LXd2OTUtN2p3Ns4AAxNP
Cross-site Scripting in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 2 days ago
High
GSA_kwCzR0hTQS1jNDY3LTVjMmctanA4Ns4AAxNO
Cross-site Scripting in modoboa
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 2 days ago
High
GSA_kwCzR0hTQS1qbTNtLXdyM3AtaGpycc4AAxNK
Cross-site Scripting in modoboa
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 2 days ago
High
GSA_kwCzR0hTQS1mZnhqLTU0N3gtNWo3Y84AAxM0
Directory Traversal in onnx
Ecosystems: pypi
Packages: onnx
Source: GitHub Advisory Database
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS1xNzY0LWc2Zm0tNTU1ds4AAxIk
Path traversal in spotipy
Ecosystems: pypi
Packages: spotipy
Source: GitHub Advisory Database
Published: 6 days ago
Moderate
GSA_kwCzR0hTQS05YzY0LXgzY3gtdmdtbc4AAxIH
Cross-Site Request Forgery in modoboa
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 6 days ago
Moderate
GSA_kwCzR0hTQS02am14LXB2Nzctd201d84AAxHU
Excessive Attack Surface in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 6 days ago
Moderate
GSA_kwCzR0hTQS14OXZjLTVxNzctbTd4NM4AAxHP
Improper Input Validation in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 7 days ago
Moderate
GSA_kwCzR0hTQS1nMjk4LTU5cGctOTNoN84AAxEv
Cross-Site Request Forgery in modoboa
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 10 days ago
Moderate
GSA_kwCzR0hTQS12OWdqLTVyZ3AtdzMzcs4AAxEi
Modoboa is vulnerable to Cross-Site Request Forgery
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Published: 10 days ago
High
GSA_kwCzR0hTQS1nM3B2LXBqNWYtM2hmcc4AAxCV
mechanize Regular Expression Denial of Service vulnerability
Ecosystems: pypi
Packages: mechanize
Source: GitHub Advisory Database
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS04OTRjLXJnN2YtM2M2Ms4AAxAt
pgAdmin 4 Open Redirect vulnerability
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Published: 12 days ago
Moderate
GSA_kwCzR0hTQS05Zjg4LXdnNXItOTQ3as4AAw_i
Apache Superset vulnerable to Cross-site Scripting
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
High
GSA_kwCzR0hTQS03MjIyLXIzN3gtOHEzbc4AAw_j
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS03OXg1LWN2NzktNDlyas4AAw_k
Apache Superset is vulnerable to Cross-Site Scripting (XSS)
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS1jeHZwLTNmcm0tMzg3Ns4AAw_h
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS1mY2c0LXBtNmgtOXh4Ms4AAw_q
Apache Superset Open Redirect vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS1mcG1yLXFtZ2gtNDJ4Ms4AAw_p
Apache Superset vulnerable to Injection
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS04ZjVqLW1neDktNWhtNc4AAw_n
Apache Superset has Improper Access Control
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 13 days ago
Critical
GSA_kwCzR0hTQS1wZjM4LTVwMjIteDZoNs4AAw-v
Code Injection in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 15 days ago
Moderate
GSA_kwCzR0hTQS1ydjl4LXdtdzQtNDRxas4AAw74
Pyload Insufficient Session Expiration vulnerability
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 17 days ago
Moderate
GSA_kwCzR0hTQS1oNnAzLXA0dngtd3I4cc4AAw6h
dompurify vulnerable to Cross-site Scripting
Ecosystems: pypi
Packages: dompurify
Source: GitHub Advisory Database
Published: 17 days ago
Moderate
GSA_kwCzR0hTQS1wZ2p2LWpyZzItZ3Ezds4AAw6g
dompurify vulnerable to Cross-site Scripting
Ecosystems: pypi
Packages: dompurify
Source: GitHub Advisory Database
Published: 17 days ago
Moderate
GSA_kwCzR0hTQS12cTh3LXg4djctZjg4bc4AAwwG
LdapCherry Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: ldapcherry
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
GSA_kwCzR0hTQS1wang0LTNmM3AtMjl2M84AAwwC
django-ucamlookup Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: django-ucamlookup
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
GSA_kwCzR0hTQS1oOHI5LTQ2N3ItdmpqZs4AAwv-
pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
GSA_kwCzR0hTQS1tM2c3LXdycnEtdjVjOM4AAwv4
Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
GSA_kwCzR0hTQS1td3ZwLXFyNjItY3ZqeM4AAwok
nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag
Ecosystems: pypi
Packages: nsupdate
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0yd3B3LWNtOXctdjR4bc4AAwnq
rdiffweb vulnerable to Business Logic Errors
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS1oNXdwLWpycWMtY3d3eM4AAwnl
rdiffweb vulnerable to Open Redirect
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1xOTlwLTc4aHAteGc1Y84AAwni
Graphite Web Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0zYzV4LTRodngtcXJycs4AAwnx
Graphite Web Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1tOHI5LXF4eDgtbXJ4cM4AAwnn
rdiffweb Improper Access Control vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04M3BtLTd2NDgtNWpwNM4AAwnu
rdiffweb vulnerable to Special Element Injection
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03cTRyLXg1cWctbW1jcM4AAwns
rdiffweb has no rate limit on resend email feature
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1tOTczLTR2cGMteDQzY84AAwnf
Graphite Web Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS13ZjMzLTZ4MzMtd2NmOc4AAwnp
rdiffweb vulnerable to Authentication Bypass by Primary Weakness
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS1nODZqLWh3ZzktNzdxNc4AAwnd
SentinelOne impersonated via PyPI packages
Ecosystems: pypi
Packages: Sentinelone, SentineloneSDK, sentinelone-sdk, SentinelOne
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04bTNmLWc2MmotM3Z4OM4AAwnb
binwalk vulnerable to UNIX Symbolic Link (Symlink) Following
Ecosystems: pypi
Packages: binwalk
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS1xNmNxLW05Z20tNnEyZs4AAwlX
Slixmpp lacks SSL Certificate hostname validation in XMLStream
Ecosystems: pypi
Packages: slixmpp
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS1yOWh4LXZ3bXYtcTU3Oc4AAwjs
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
Ecosystems: pypi
Packages: setuptools
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS12M2M1LWpxcjYtN3FtOM4AAwjq
Python Charmers Future denial of service vulnerability
Ecosystems: pypi
Packages: future
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS1xd21wLTJjZjItZzlnNs4AAwjr
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)
Ecosystems: pypi
Packages: wheel
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02MzlmLWh4Y3YtODRtY84AAwgc
rdiffweb Open Redirect vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS04NWZwLTUyM3EtNXh3Y84AAwgY
rdiffweb vulnerable to Cross-Site Request Forgery
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS01cHFmLXJ2bTctM3dnd84AAwgU
collective.contact.widget is vulnerable to cross-site scripting
Ecosystems: pypi
Packages: collective.contact.widget
Source: GitHub Advisory Database
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1yYzU4LXFyOWotY3Bnd84AAwbo
Apache Airflow Hive Provider vulnerable to Command Injection
Ecosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS02cm1mLWN2NnAtNGgyN84AAwY0
Terms and Conditions Module vulnerable to Open Redirect
Ecosystems: pypi
Packages: django-termsandconditions
Source: GitHub Advisory Database
Published: about 1 month ago
High
GSA_kwCzR0hTQS1oYzM3LTg0djMtOGdtcc4AAwYx
UBI Reader vulnerable to Path Traversal
Ecosystems: pypi
Packages: ubi-reader
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS00cjloLXg3N3ctbWZmds4AAwXT
collective.task Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: collective.task
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0yODdxLWpmY3AtOXZods4AAwXV
django-photologue vulnerable to Cross-site Scripting
Ecosystems: pypi
Packages: django-photologue
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1yNDhjLTR2ZmotaDQyNs4AAwV6
collective.dms.basecontent Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: collective.dms.basecontent
Source: GitHub Advisory Database
Published: about 2 months ago
High
GSA_kwCzR0hTQS0zdjZ2LTJ4NnAtMzJtY84AAwUE
pgadmin4 vulnerable to Code Injection
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1qdjg1LW1xeGotM2Y5as4AAwRp
Sentry vulnerable to invite code reuse via cookie manipulation
Ecosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1nNTk0LTU1bXAtZjZxOM4AAwRe
Improper Privilege Management in rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS04OTRxLXdwZzUtbWYyaM4AAwO_
pyRdfa3 Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: pyRdfa3
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS00M2ZwLXJodjItNWd2OM4AAwM2
Certifi removing TrustCor root certificate
Ecosystems: pypi
Packages: certifi
Source: GitHub Advisory Database
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1nY2pmLTI5bTktODg4cc4AAwMe
PaddlePaddle vulnerable to Code Injection
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS0yaHZjLWh3ZzMtaHB2d84AAwMf
PaddlePaddle Out-of-bounds Read vulnerability
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1tOHh3LTl4NXgtNnZoM84AAwLr
py7zr directory traversal vulnerability
Ecosystems: pypi
Packages: py7zr
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1taGhmLXZnd2gtZnc5aM4AAwLn
Passeo uses insecure random number generator
Ecosystems: pypi
Packages: Passeo
Source: GitHub Advisory Database
Published: about 2 months ago
High
GSA_kwCzR0hTQS1oY3BqLXFwNTUtZ2ZwaM4AAwKi
GitPython vulnerable to Remote Code Execution due to improper user input validation
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS03OG01LWpwbWYtY2g3ds4AAwJ6
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Ecosystems: pypi
Packages: guarddog
Source: GitHub Advisory Database
Published: about 2 months ago
High
GSA_kwCzR0hTQS1xdjZjLTM2N3ItM3c2cc4AAwIQ
XBlock vulnerable to Cross-Site Scripting (XSS)
Ecosystems: pypi
Packages: xblock-drag-and-drop-v2
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1ycDJ2LXY0NjctcTl2cc4AAwIO
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package
Ecosystems: pypi
Packages: guarddog
Source: GitHub Advisory Database
Published: about 2 months ago
Low
GSA_kwCzR0hTQS1nZ3JoLWdyajMtdmZ2d84AAwEF
Package discontinued because Bitly lowered the free quota
Ecosystems: pypi
Packages: bitlyshortener
Source: GitHub Advisory Database
Published: 2 months ago
Low
GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED
Temporary File Information Disclosure vulnerability in MPXJ
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Published: 2 months ago
Critical
GSA_kwCzR0hTQS04M2c3LThmY2gtcDM3bc4AAwDL
PaddlePaddle vulnerable to code injection via winstr
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Published: 2 months ago
Critical
GSA_kwCzR0hTQS00N2ZjLXZtd3EtMzY2ds4AAwDK
PyTorch vulnerable to arbitrary code execution
Ecosystems: pypi
Packages: torch
Source: GitHub Advisory Database
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1ncjU4LTc2cnAtbW1nNM4AAwCL
wger vulnerable to brute force attempts
Ecosystems: pypi
Packages: wger
Source: GitHub Advisory Database
Published: 2 months ago
High
GSA_kwCzR0hTQS03d3FmLWgzNnctNDdtY84AAwAE
OS Command Injection in Apache Airflow
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
High
GSA_kwCzR0hTQS1jbTQzLWYycHYtNnY2OM4AAwAB
OS Command Injection in Apache Airflow
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1ybWYyLXB3ZnEtaDc1as4AAwAD
OS Command Injection in Apache Airflow
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS00NXI2LWozY2MtNm14eM4AAwAC
OS Command Injection in Apache Airflow
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS04dzVnLTN3Y3YtOWcyas4AAv_l
Tensorflow vulnerable to Out-of-Bounds Read
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Low
GSA_kwCzR0hTQS1jcXZxLWZ2aHItdjZoY84AAv_Z
`CHECK` failure in `SobolSample` via missing validation
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Low
GSA_kwCzR0hTQS14ZjgzLXE3NjUteG02bc4AAv_Y
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1wZjM2LXI5YzYtaDk3as4AAv_H
Invalid char to bool conversion when printing a tensor
Ecosystems: pypi
Packages: tensorflow-cpu, tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1mcnFwLXdwODMtcWdnds4AAv_G
Heap overflow in `QuantizeAndDequantizeV2`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1yang2LXY0NzQtMmNoOc4AAv_F
Segfault in `CompositeTensorVariantToComponents`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1tdjc3LTlnMjgtY3dnM84AAv_E
`CHECK` fail via inputs in `PyFunc`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS0zNjh2LTd2MzItNTJmeM4AAv_D
Overflow in `ResizeNearestNeighborGrad`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
High
GSA_kwCzR0hTQS1jZzg4LXJwdnAtY2p2Nc4AAv_C
Out of bounds write in grappler in Tensorflow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1nOWZtLXI1bW0tcmY5Zs4AAv_B
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
High
GSA_kwCzR0hTQS14dndwLWg2anYtNzQ3Ms4AAv_A
FractionalMaxPool and FractionalAVGPool heap out-of-bounds access
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS0yN3JjLTcyOGYteDV3Ms4AAv-_
`CHECK` fail via inputs in `SdcaOptimizer`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1ocTdnLXd3d3AtcTQ2aM4AAv--
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1mMnc4LWp3NDgtZnI3as4AAv-9
`FractionalMaxPoolGrad` Heap out of bounds read
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1ybWcyLWY2OTgtd3EzNc4AAv-8
`tf.raw_ops.Mfcc` crashes
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1oZjk0LThteDUtMnZ2as4AAv-5
Cross-site Scripting in kiwitcms
Ecosystems: pypi
Packages: kiwitcms
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1ncTJqLWNyOTYtZ3ZxeM4AAv-2
`MirrorPadGrad` heap out of bounds read
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
High
GSA_kwCzR0hTQS1oNnEzLXZ2MzItMmNxNc4AAv-1
Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite
Ecosystems: pypi
Packages: tflite
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS02N3BmLTYyeHItcTM1bc4AAv-0
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS02NnZxLTU0ZnEtNmp2ds4AAv-z
Segfault in `tf.raw_ops.TensorListConcat`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1oMjQ2LWNnaDQtNzQ3Nc4AAv-y
`CHECK` fail in `BCast` overflow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS14eGNqLXJocWctbTQ2Z84AAv-x
Segfault via invalid attributes in `pywrap_tfe_src.cc`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS02eDk5LWd2MnYtcTc2ds4AAv-w
FPE in `tf.image.generate_bounding_box_proposals`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS04ZnZ2LTQ2aHctdnBnM84AAv-v
Overflow in `tf.keras.losses.poisson`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Published: 2 months ago