Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi Security Advisories
Loading...
Moderate
Ecosystems: pypi, npm
Packages: dash-core-components, dash-html-components, dash
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: 4 months ago
GSA_kwCzR0hTQS01NDd4LTc0OHYtdnA2cM4AA5A9
Dash apps vulnerable to Cross-site ScriptingEcosystems: pypi, npm
Packages: dash-core-components, dash-html-components, dash
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 4 months ago
GSA_kwCzR0hTQS05eDdmLWd3eHEtNmYyY84AA4_y
Vyper's bounds check on built-in `slice()` function can be overflowedEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: glance-store
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: 4 months ago
GSA_kwCzR0hTQS13Z3BxLXAyaG0tNTZ2Oc4AA4_r
glance-store logs s3 access keysEcosystems: pypi
Packages: glance-store
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 4 months ago
GSA_kwCzR0hTQS01NjI2LXB3OWMtaG1qcs4AA498
OctoPrint Unverified Password Change via Access Control SettingsEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 4 months ago
GSA_kwCzR0hTQS1wNTl3LTlncXctd2o4cs4AA497
Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` ProtectionsEcosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 4 months ago
Low
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 4 months ago
GSA_kwCzR0hTQS1yam12LTUybXAtZ2pycs4AA480
vantage6 may create unencrypted tasks in encrypted collaborationEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 4 months ago
Low
Ecosystems: pypi
Packages: vantage6-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS00NWdxLXE0eGgtY3A1M84AA48y
vantage6 vulnerable to username timing attackEcosystems: pypi
Packages: vantage6-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 4 months ago
GSA_kwCzR0hTQS0yd2djLTQ4ZzItY2o1d84AA48z
vantage6 has insecure SSH configuration for node and server containersEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 4 months ago
High
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 4 months ago
GSA_kwCzR0hTQS13OWgyLXB4ODctNzR2eM4AA48x
vantage6 remote code execution vulnerabilityEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 4 months ago
GSA_kwCzR0hTQS14MmMyLXEzMnctNHc2bc4AA48w
Vyper's raw_call `value=` kwargs not disabled for static and delegate callsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 4 months ago
GSA_kwCzR0hTQS01aDg2LThtdjItanE5Zs4AA47u
aiohttp is vulnerable to directory traversalEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 4 months ago
GSA_kwCzR0hTQS04cXB3LXhxeGotaDRyMs4AA47q
aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separatorsEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: ai-flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS03bWdnLTNycTItaGZmNM4AA45w
ai-flow Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: ai-flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: synthcity
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS00OTU3LTd2aHAtN3Y1Oc4AA45N
Deserialization of untrusted data in synthcityEcosystems: pypi
Packages: synthcity
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: 4 months ago
GSA_kwCzR0hTQS05djloLWNnajgtaDY0cM4AA44M
Null pointer dereference in PKCS12 parsingEcosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow-providers-cncf-kubernetes, apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 4 months ago
GSA_kwCzR0hTQS1tZzJ4LW1nZ2otNjk1Nc4AA4qb
Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer serviceEcosystems: pypi
Packages: apache-airflow-providers-cncf-kubernetes, apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 4 months ago
GSA_kwCzR0hTQS12bTVtLXFtcngtZnc4d84AA4qc
Apache Airflow: Bypass permission verification to read code of other dagsEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: 4 months ago
GSA_kwCzR0hTQS1jM2M2LWYyd3cteGZyMs4AA4qZ
Apache Airflow: pickle deserialization vulnerability in XComsEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 4 months ago
GSA_kwCzR0hTQS1mcTIzLWc1OG0tNzk5cs4AA4qW
Cross-site Scripting Vulnerability on Data ImportEcosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 4 months ago
High
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 4 months ago
GSA_kwCzR0hTQS1xNjhoLXh3cTUtbW03eM4AA4qV
Cross-site Scripting Vulnerability on Avatar UploadEcosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 4 months ago
GSA_kwCzR0hTQS1yd2hoLTZ4ODMtODR2Ns4AA4od
Cross-site Scripting in Apache supersetEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 4 months ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 4 months ago
GSA_kwCzR0hTQS12NHh2LTc5NWgtcnY0aM4AA4oT
XSS potential in rendered Markdown fields (comments, description, notes, etc.)Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 4 months ago
Low
Ecosystems: pypi
Packages: changedetection-io, changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1oY3ZwLTJjYzctanJ3cs4AA4oO
changedetection.io API endpoint is not secured with API tokenEcosystems: pypi
Packages: changedetection-io, changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: pypi
Packages: ecdsa
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 4 months ago
GSA_kwCzR0hTQS13ajZoLTY0ZmMtMzdtcM4AA4nW
Minerva timing attack on P-256 in python-ecdsaEcosystems: pypi
Packages: ecdsa
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: TuiTse-TsuSin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1tNG01LWozNm0tOHg3Ms4AA4nV
html injection vulnerability in the `tuitse_html` function.Ecosystems: pypi
Packages: TuiTse-TsuSin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 4 months ago
GSA_kwCzR0hTQS01ZzczLTY5cDQtN2d2eM4AA4mi
Code execution in pandasaiEcosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: llama-index
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 4 months ago
GSA_kwCzR0hTQS0yanh3LTRobTQtNnc4N84AA4mj
SQL injection in llama-indexEcosystems: pypi
Packages: llama-index
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 4 months ago
High
Ecosystems: pypi
Packages: metagpt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1nN3BoLTg0MjMtcGY0as4AA4mg
Code execution in metagptEcosystems: pypi
Packages: metagpt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1yNjd3LWY5OXctbWd4as4AA4mN
ReDoS in EmbedchainEcosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: llama-hub
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 4 months ago
GSA_kwCzR0hTQS0yOTd4LTJxZjMtanJqM84AA4mL
Unsafe yaml deserialization in llama-hubEcosystems: pypi
Packages: llama-hub
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 4 months ago
GSA_kwCzR0hTQS1yaGhqLTU0MzYtOTV2Zs4AA4mM
Code execution in EmbedchainEcosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 4 months ago
GSA_kwCzR0hTQS1jaGo3LXczZjYtY3Zmas4AA4mF
Code Injection in paddlepaddleEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 4 months ago
High
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: 4 months ago
GSA_kwCzR0hTQS0zZjYzLWhmcDgtNTJqcc4AA4lV
Arbitrary Code Execution in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: 4 months ago
High
Ecosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 4 months ago
GSA_kwCzR0hTQS00NGNjLTQzcnAtNTk0N84AA4lA
JupyterLab vulnerable to potential authentication and CSRF tokens leakEcosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 4 months ago
GSA_kwCzR0hTQS00bTc3LWNtcHgtdmpjNM4AA4k_
JupyterLab vulnerable to SXSS in Markdown PreviewEcosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 4 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 4 months ago
GSA_kwCzR0hTQS0ycTh2LTNncXEtNGY4cM4AA4kr
concat built-in can corrupt memory in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1wZ3BqLXY4NXEtaDVmbc4AA4kU
Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalationEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
High
Ecosystems: pypi
Packages: jupyter-lsp
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 4 months ago
GSA_kwCzR0hTQS00cWhwLTY1MnctYzIyeM4AA4jl
Unsecured endpoints in the jupyter-lsp server extensionEcosystems: pypi
Packages: jupyter-lsp
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 4 months ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 4 months ago
GSA_kwCzR0hTQS01eGZ4LTU1eDQtajIyM84AA4jV
Cross-Frame Scripting vulnerability has been found on Plone CMSEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: readthedocs-sphinx-search
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 4 months ago
GSA_kwCzR0hTQS14Z2ZtLWZqeDYtNjJtas4AA4gD
readthedocs-sphinx-search vulnerable to cross-site scripting when including search results from malicious projectsEcosystems: pypi
Packages: readthedocs-sphinx-search
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: templated_dictionary
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 4 months ago
GSA_kwCzR0hTQS03ajk4LTc0amgtY2p4aM4AA4ef
Privilege escalation for users that can access mock configurationEcosystems: pypi
Packages: templated_dictionary
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 4 months ago
Critical
Ecosystems: pypi, maven
Packages: apache-iotdb, org.apache.iotdb:iotdb-core
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: 4 months ago
GSA_kwCzR0hTQS1yeGdnLTI3M3ctcmZ3N84AA4c9
Remote Code Execution vulnerability in Apache IoTDB via UDFEcosystems: pypi, maven
Packages: apache-iotdb, org.apache.iotdb:iotdb-core
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
GSA_kwCzR0hTQS12M3JnLXFtNDYteHJnOc4AA4bu
Path traversal in flaskcodeEcosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
High
Ecosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
GSA_kwCzR0hTQS02aDRxLTYzYzUtcWZxZs4AA4bt
Path traversal in flaskcodeEcosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
Low
Ecosystems: pypi
Packages: streamlit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS04cXc5LWdmN3ctNDJ4Nc4AA4a1
Minor fix to previous patch for CVE-2022-35918Ecosystems: pypi
Packages: streamlit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 4 months ago
GSA_kwCzR0hTQS1oNWM4LXJxd3AtY3A5Nc4AA4Ys
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filterEcosystems: pypi
Packages: jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 4 months ago
Low
Ecosystems: pypi
Packages: case-utils, cdo-local-uuid
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 4 months ago
GSA_kwCzR0hTQS1yZ3JmLTZtZjUtbTg4Ms4AA4Yr
cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration codeEcosystems: pypi
Packages: case-utils, cdo-local-uuid
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 4 months ago
GSA_kwCzR0hTQS0ybXFqLW02NXctamdoeM4AA4Vh
Untrusted search path under some conditions on Windows allows arbitrary code executionEcosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: aries-cloudagent
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 4 months ago
GSA_kwCzR0hTQS05N3g5LTU5cnYtcTVwbc4AA4Tl
Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VCEcosystems: pypi
Packages: aries-cloudagent
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 4 months ago
High
Ecosystems: pypi
Packages: fonttools
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 4 months ago
GSA_kwCzR0hTQS02NjczLTQ5ODMtMnZ4Nc4AA4Sn
fonttools XML External Entity Injection (XXE) VulnerabilityEcosystems: pypi
Packages: fonttools
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 4 months ago
Moderate
Ecosystems: pypi, npm
Packages: appwrite, appwrite-cli
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 4 months ago
GSA_kwCzR0hTQS1nNzc3LWNycDktbTI3Z84AA4SE
Apprite CLI makes Use of Hard-coded CredentialsEcosystems: pypi, npm
Packages: appwrite, appwrite-cli
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 4 months ago
High
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1tcXBxLTJwNjgtNDZmds4AA4Qg
pyload Unauthenticated Flask Configuration Leakage vulnerabilityEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1naG13LXJ3aDgtNnFtcs4AA4PI
pyload Log Injection vulnerabilityEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
High
Ecosystems: pypi
Packages: dtale
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 4 months ago
GSA_kwCzR0hTQS03aGZ4LWgzajMtcndxNM4AA4N6
D-Tale server-side request forgery through Web uploadsEcosystems: pypi
Packages: dtale
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: pycryptodome, pycryptodomex
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: 4 months ago
GSA_kwCzR0hTQS1qMjI1LWN2dzctcXJ4N84AA4M5
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryptionEcosystems: pypi
Packages: pycryptodome, pycryptodomex
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS12OXBnLXF3NngtdzVyMs4AA4LF
PaddlePaddle floating point exception in paddle.aminEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS1yeDJyLXE5NmMtdzVjY84AA4LB
PaddlePaddle floating point exception in paddle.topkEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS0yNzVjLXc1bXEtdjVtMs4AA4LE
PaddlePaddle floating point exception in paddle.argmin and paddle.argmaxEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
High
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 5 months ago
GSA_kwCzR0hTQS04ZnA3LWp3djItNDl4Oc4AA4LA
PaddlePaddle heap buffer overflow in paddle.repeat_interleaveEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 5 months ago
GSA_kwCzR0hTQS1qNWg5LTlyMzktNDNxNc4AA4K-
PaddlePaddle command injection in get_online_pass_intervalEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 5 months ago
High
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 5 months ago
GSA_kwCzR0hTQS1nNTd2LTI2ODctangzM84AA4K8
PaddlePaddle stack overflow in paddle.linalg.lu_unpackEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS1xcHB3LWMzN2cteHdjY84AA4LH
PaddlePaddle nullptr dereference in paddle.cropEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS1yZzlxLW04aHYteHhyNs4AA4K9
PaddlePaddle floating point exception in paddle.lerpEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 5 months ago
GSA_kwCzR0hTQS1yZjdwLTc5eHEtOHh3bc4AA4LC
PaddlePaddle command injection in _wget_downloadEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 5 months ago
GSA_kwCzR0hTQS0zY3I1LTI0NDYtOHBnM84AA4Kt
PaddlePaddle command injection in convert_shape_compareEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 5 months ago
High
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 5 months ago
GSA_kwCzR0hTQS00cnJ2LThnY3AtMjR2OM4AA4K4
PaddlePaddle stack overflow in paddle.searchsortedEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS1tcjc4LXY1NXAtNzc3N84AA4K5
PaddlePaddle segfault in paddle.modeEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS0yd2NqLXFyNzYtOTc2OM4AA4K6
PaddlePaddle segfault in paddle.put_along_axisEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS14M3E5LWM3ODgtajdjOM4AA4K0
PaddlePaddle segfault in paddle.dotEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS01NDdtLTIzeDctY3hnNc4AA4K3
PaddlePaddle null pointer dereference in paddle.nextafterEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS1qbTY4LWZwbXItOGoyZ84AA4K1
PaddlePaddle floating point exception in paddle.linalg.matrix_rankEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS1jNnBoLW04Y3ctcmZxaM4AA4K2
PaddlePaddle floating point exception in paddle.linalg.eigEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
GSA_kwCzR0hTQS14anB3LWh4NDctcmNjds4AA4Ks
PaddlePaddle floating point exception in paddle.nanmedianEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: hail
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
GSA_kwCzR0hTQS00ODdwLXF4NjgtNXZqd84AA4Jl
Hail relies on OIDC email claims to verify the validity of a user's domain.Ecosystems: pypi
Packages: hail
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 5 months ago
GSA_kwCzR0hTQS1qcHZ3LXA4cHItOWcyeM4AA4D9
Ansible symlink attack vulnerabilityEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: jwcrypto
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: 5 months ago
GSA_kwCzR0hTQS1jdzJyLTRwODItcXY3Oc4AA4Dz
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count valueEcosystems: pypi
Packages: jwcrypto
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: flask-security-too, Flask-Security-Too
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 5 months ago
GSA_kwCzR0hTQS02NzJoLTZ4ODktNzZtNc4AA4Cj
Open redirect vulnerability in Flask-Security-TooEcosystems: pypi
Packages: flask-security-too, Flask-Security-Too
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 5 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 5 months ago
GSA_kwCzR0hTQS12ZjVtLXhyaG0tdjk5Oc4AA4AF
Nautobot missing object-level permissions enforcement when running Job ButtonsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 5 months ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: 5 months ago
GSA_kwCzR0hTQS02cW0yLXdweHEtN3FoMs4AA39-
Gradio makes the `/file` secure against file traversal and server-side request forgery attacksEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
GSA_kwCzR0hTQS01OTM4LTc5aGcteGgzcc4AA39c
Apache Airflow Improper Access Control vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
GSA_kwCzR0hTQS02bTlyLTd3cngteG1yNs4AA39d
Apache Airflow Cross-Site Request Forgery vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 5 months ago
GSA_kwCzR0hTQS04ZjU3LXdjbWctNGptaM4AA39V
Apache Airflow vulnerable to Exposure of Resource to Wrong SphereEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 5 months ago
GSA_kwCzR0hTQS1weGNoLXdyN20tcnd4as4AA39U
Apache Airflow has a stored cross-site scripting vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 5 months ago
High
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: 5 months ago
GSA_kwCzR0hTQS12NjhnLXdtOGMtNng3as4AA38Z
transformers has a Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
GSA_kwCzR0hTQS13djhxLTRmODUtMnA4cM4AA37f
MLflow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS1xZzhwLTMyZ3ItZ2g2eM4AA37h
MLflow Local File Disclosure VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
GSA_kwCzR0hTQS01OXYzLTg5OHItcXdoas4AA37g
MLflow Server-Side Request Forgery (SSRF)Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
GSA_kwCzR0hTQS1oaDhwLXA4bXAtZ3Fobc4AA37i
MLFlow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS01cjNxLTkzcTMtZjk3OM4AA37c
MLflow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
High
Ecosystems: pypi
Packages: emailproxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS05d2dnLW05OXEtaGhmY84AA36z
Expired tokens can be renewed without validating the account passwordEcosystems: pypi
Packages: emailproxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 5 months ago
GSA_kwCzR0hTQS0zODYzLTI0NDctNjY5cM4AA35m
transformers has a Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
GSA_kwCzR0hTQS05NW1nLWpnZngtNTR2Oc4AA35k
Apache Superset uncontrolled resource consumptionEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
GSA_kwCzR0hTQS1qZnhqLXhmNjcteDcyM84AA35f
Apache Superset SQL injection vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
High
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 5 months ago
GSA_kwCzR0hTQS1nNDlqLWo0ODktM3hwZs4AA35g
Apache Superset incorrect write permissions vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
GSA_kwCzR0hTQS1odmM2LTQydmYtamhmOM4AA35I
mlflow Command Injection vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: malojaserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS00aDcyLTM0ajYtajh4N84AA34K
Maloja error page XSS vulnerabilityEcosystems: pypi
Packages: malojaserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Moderate
Ecosystems: pypi, go, cargo
Packages: paramiko, golang.org/x/crypto, russh
Source: GitHub Advisory Database
Blast Radius: 63.5
Published: 5 months ago
GSA_kwCzR0hTQS00NXg3LXB4MzYteDh3OM4AA34H
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka TerrapinEcosystems: pypi, go, cargo
Packages: paramiko, golang.org/x/crypto, russh
Source: GitHub Advisory Database
Blast Radius: 63.5
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: asyncssh
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 5 months ago
GSA_kwCzR0hTQS1oZm1jLTc1MjUtbWo1Nc4AA34G
AsyncSSH vulnerable to Prefix Truncation Attack (a.k.a. Terrapin Attack) against ChaCha20-Poly1305 and Encrypt-then-MACEcosystems: pypi
Packages: asyncssh
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: homeassistant
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 5 months ago
GSA_kwCzR0hTQS1qcXBjLXJjN2ctdmY4M84AA321
User accounts disclosed to unauthenticated actors on the LANEcosystems: pypi
Packages: homeassistant
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS1qOHc2LTJyOWgtY3hoas4AA3ym
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 779
Ecosystems: 12
Packages: 8,381
Repositories: 779
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
53
Plone
52
apache-superset
49
nova
45
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
moin
34
mlflow
33
Django
30
opencv-python
30
opencv-contrib-python
30
keystone
30
langchain
18
glance
18
mercurial
17
PaddlePaddle
17
cobbler
17
pillow
16
neutron
16
cryptography
15
paddlepaddle
15
gradio
15
notebook
15
modoboa
14
pyftpdlib
14
pyload-ng
14
OctoPrint
13
vantage6
12
swift
12
aiohttp
11
onionshare-cli
11
twisted
11
calibreweb
11
urllib3
11
horizon
11
wagtail
10
trytond
10
Flask-AppBuilder
10
ethyca-fides
9
zope
9
waitress
9
Zope
9
kiwitcms
9
opencv-contrib-python-headless
9
opencv-python-headless
9
ryu
9
roundup
9
nautobot
9
label-studio
8
cinder
8
trac
8
numpy
8
aubio
8
python-keystoneclient
8
scrapy
7
pgadmin4
7
jupyter-server
7
ipython
7
lief
7
matrix-sydent
7
pysaml2
7
pip
7
inventree
6
mindsdb
6
sentry
6
apache-airflow-providers-apache-hive
6
Zope2
6
tuf
6
web2py
6
lxml
6
graphite-web
6
mailman
6
Moin
6
feedparser
5
python-gnupg
5
bleach
5
Products.CMFPlone
5
saleor
5
paramiko
5
pyspark
5
Jinja2
5
requests
5
lmdb
5
whoogle-search
5
ckan
5
barbican
4
tripleo-heat-templates
4
starlette
4
Scrapy
4
jupyterhub
4
oauthenticator
4
httpie
4
keylime
4
FreeTAKServer-UI
4
PyPDF2
4
omero-web
4
transformers
4
grpcio
4
markdown2
4
qutebrowser
4
grpc
4
tornado
4
werkzeug
4
yt-dlp
4
nvflare
4
nltk
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
datasette
4
esphome
4
Keystone
4
GitPython
4
Radicale
4
reportlab
4
aws-iot-device-sdk-v2
4
ansible-core
4
jwcrypto
4
Pygments
4
Werkzeug
4
buildbot
4
pretix
4
bottle
4
awsiotsdk
4
Flask-Security-Too
4
ecdsa
3
ujson
3
ray
3
Weblate
3
ajenti
3
asyncssh
3
pyarrow
3
Kallithea
3
sanic
3
changedetection.io
3
sosreport
3
flask
3
io.grpc:grpc-protobuf
3
onnx
3
sickrage
3
Mezzanine
3
mistune
3
openvpn-monitor
3
streamlit
3
copyparty
3
Nova
3
indy-node
3
aim
3
localstack
3
mayan-edms
3
pandasai
3
poetry
3
protobuf
3
gerapy
3
bitlyshortener
3
indico
3
jupyterlab
3
pywasm3
3
python-jose
3
keyring
3
wger
3
asyncua
3
apache-iotdb
3
Products.PluggableAuthService
3
rsa
3
fava
3
keystonemiddleware
3
pyyaml
3
apache-airflow-providers-apache-spark
3
docassemble.webapp
3
quokka
3
clearml
3
SQLAlchemy
3
dulwich
3
django-helpdesk
3
ansible-runner
3
slixmpp
3
sqlparse
3
octavia
3
homeassistant
3
torchserve
3
pycrypto
3
apache-libcloud
3
plone.supermodel
3
plone.app.dexterity
3
plone.app.event
3
zenml
3
mitmproxy
3
httplib2
3
plone.app.theming
3
django-unicorn
2
piccolo
2
cabot
2
Filter by Repository
https://github.com/tensorflow/tensorflow
432
https://github.com/django/django
95
https://github.com/apache/airflow
90
https://github.com/ansible/ansible
53
https://github.com/python-pillow/Pillow
52
https://github.com/ikus060/rdiffweb
42
https://github.com/vyperlang/vyper
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/openstack/nova
36
https://github.com/matrix-org/synapse
32
https://github.com/saltstack/salt
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/opencv/opencv
28
https://github.com/openstack/keystone
27
https://github.com/mlflow/mlflow
27
https://github.com/cobbler/cobbler
14
https://github.com/langchain-ai/langchain
14
https://github.com/vantage6/vantage6
14
https://github.com/pyca/cryptography
14
https://github.com/pyload/pyload
14
https://github.com/gradio-app/gradio
14
https://github.com/modoboa/modoboa
13
https://github.com/twisted/twisted
12
https://github.com/aio-libs/aiohttp
11
https://github.com/urllib3/urllib3
11
https://github.com/onionshare/onionshare
11
https://github.com/scrapy/scrapy
11
https://github.com/janeczku/calibre-web
11
https://github.com/jupyter/notebook
10
https://github.com/openstack/glance
10
https://github.com/dpgaspar/Flask-AppBuilder
10
https://github.com/zopefoundation/Zope
10
https://github.com/wagtail/wagtail
10
https://github.com/apache/superset
9
https://github.com/nautobot/nautobot
9
https://github.com/pgadmin-org/pgadmin4
9
https://github.com/Pylons/waitress
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/faucetsdn/ryu
9
https://github.com/openstack/horizon
9
https://github.com/ethyca/fides
9
https://github.com/kiwitcms/Kiwi
8
https://github.com/ipython/ipython
8
https://github.com/numpy/numpy
8
https://github.com/octoprint/octoprint
8
https://github.com/openstack/neutron
7
https://github.com/lief-project/LIEF
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/aubio/aubio
7
https://github.com/openstack/swift
7
https://github.com/lxml/lxml
6
https://github.com/OctoPrint/OctoPrint
6
https://github.com/jupyter-server/jupyter_server
6
https://github.com/pypa/pip
6
https://github.com/openstack/cinder
6
https://github.com/HumanSignal/label-studio
6
https://github.com/graphite-project/graphite-web
6
https://github.com/matrix-org/sydent
6
https://github.com/getsentry/sentry
6
https://github.com/mindsdb/mindsdb
6
https://github.com/pallets/werkzeug
6
https://github.com/mozilla/bleach
5
https://github.com/hwchase17/langchain
5
https://github.com/benbusby/whoogle-search
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/tryton/trytond
5
https://github.com/keylime/keylime
5
https://github.com/ckan/ckan
4
https://github.com/Flask-Middleware/flask-security
4
https://github.com/esphome/esphome
4
https://github.com/latchset/jwcrypto
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/py-pdf/pypdf
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/rohe/pysaml2
4
https://github.com/huggingface/transformers
4
https://github.com/ronf/asyncssh
4
https://github.com/simonw/datasette
4
https://github.com/grpc/grpc
4
https://github.com/bottlepy/bottle
4
https://github.com/psf/requests
4
https://github.com/saleor/saleor
4
https://github.com/jhpyle/docassemble
4
https://github.com/yt-dlp/yt-dlp
4
https://github.com/inventree/InvenTree
4
https://github.com/WeblateOrg/weblate
4
https://github.com/web2py/web2py
4
https://github.com/Kozea/Radicale
4
https://github.com/tornadoweb/tornado
4
https://github.com/pallets/jinja
4
https://github.com/jupyterhub/oauthenticator
4
https://sourceforge.net/projects/roject
3
https://github.com/gventuri/pandas-ai
3
https://gitlab.com/mayan-edms/mayan-edms
3
https://github.com/trentm/python-markdown2
3
https://github.com/pygments/pygments
3
https://github.com/MobSF/Mobile-Security-Framework-MobSF
3
https://github.com/ansible/ansible-runner
3
https://github.com/pyca/pyopenssl
3
https://github.com/home-assistant/core
3
https://github.com/ome/omero-web
3
https://github.com/djblets/djblets
3
https://github.com/pretix/pretix
3
https://github.com/indico/indico
3
https://github.com/beancount/fava
3
https://github.com/furlongm/openvpn-monitor
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/github/securitylab
3
https://github.com/pytorch/serve
3
https://github.com/nltk/nltk
3
https://github.com/wasm3/wasm3
3
https://github.com/python/cpython
3
https://github.com/Cog-Creators/Red-DiscordBot
3
https://github.com/jupyterlab/jupyterlab
3
https://github.com/jupyterhub/jupyterhub
3
https://github.com/Gerapy/Gerapy
3
https://github.com/mitmproxy/mitmproxy
3
https://github.com/rochacbruno/quokka
3
https://github.com/openstack/octavia
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/encode/starlette
3
https://github.com/pypa/advisory-db
3
https://github.com/run-llama/llama_index
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/dlitz/pycrypto
3
https://github.com/mpdavis/python-jose
3
https://github.com/pallets/flask
3
https://github.com/lepture/mistune
3
https://github.com/sqlalchemy/sqlalchemy
3
https://github.com/hyperledger/indy-node
3
https://github.com/9001/copyparty
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/yaml/pyyaml
3
https://github.com/sosreport/sos
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/theupdateframework/tuf
3
https://github.com/onnx/onnx
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/httplib2/httplib2
3
https://github.com/poezio/slixmpp
3
https://github.com/streamlit/streamlit
3
https://github.com/paramiko/paramiko
3
https://github.com/zenml-io/zenml
3
https://github.com/ethereum/eth-abi
2
https://github.com/openstack/magnum
2
https://github.com/mirumee/saleor
2
https://github.com/petl-developers/petl
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/pytest-dev/py
2
https://github.com/piccolo-orm/piccolo
2
https://github.com/eventlet/eventlet
2
https://github.com/MirahezeBots/sopel-channelmgnt
2
https://github.com/embedchain/embedchain
2
https://github.com/python-imaging/Pillow
2
https://github.com/python-ldap/python-ldap
2
https://github.com/facebookresearch/ParlAI
2
https://github.com/python-poetry/poetry
2
https://github.com/clinical-genomics/scout
2
https://github.com/DIRACGrid/DIRAC
2
https://github.com/encode/uvicorn
2
https://github.com/pretalx/pretalx
2
https://github.com/django-wiki/django-wiki
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/mongodb/mongo-python-driver
2
https://github.com/OpenZeppelin/cairo-contracts
2
https://github.com/dask/distributed
2
https://github.com/DataDog/guarddog
2
https://github.com/moggers87/django-sendfile2
2
https://github.com/openstack/tripleo-heat-templates
2
https://github.com/Netflix/lemur
2
https://github.com/cure53/DOMPurify
2
https://github.com/plone/Products.ATContentTypes
2
https://github.com/pyinstaller/pyinstaller
2
https://github.com/corydolphin/flask-cors
2
https://github.com/plone/plone.restapi
2
https://github.com/openstack/barbican
2
https://github.com/dbt-labs/dbt-core
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/geopython/OWSLib
2
https://github.com/openstack/ossa
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/nexB/scancode.io
2
https://github.com/devsnd/cherrymusic
2
https://github.com/NVIDIA/NeMo
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/stchris/untangle
2
https://github.com/warner/python-ecdsa
2
https://github.com/starkbank/ecdsa-python
2
https://github.com/aws/aws-encryption-sdk-cli
2
https://github.com/snowflakedb/snowflake-connector-python
2
https://github.com/jupyterhub/jupyter-server-proxy
2
https://github.com/aws/sagemaker-python-sdk
2
https://github.com/simplegeo/python-oauth2
2
https://github.com/httpie/httpie
2