Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi Security Advisories
Loading...
High
Ecosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 11 hours ago
GSA_kwCzR0hTQS03cGMzLXByM3EtNTh2Z84AA7v3
sagemaker-python-sdk Command Injection vulnerabilityEcosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 11 hours ago
High
Ecosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 11 hours ago
GSA_kwCzR0hTQS13anZ4LWpocGotcjU0cs4AA7v2
sagemaker-python-sdk vulnerable to Deserialization of Untrusted DataEcosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 11 hours ago
Low
Ecosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 12 hours ago
GSA_kwCzR0hTQS1nN3Z2LTJ2N3gtZ2o5cM4AA7v0
tqdm CLI arguments injection attackEcosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 12 hours ago
Moderate
Ecosystems: pypi
Packages: changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 14 hours ago
GSA_kwCzR0hTQS1wd2djLXc0eDktZ3c2N84AA7vS
changedetection.io Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 14 hours ago
High
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 14 hours ago
GSA_kwCzR0hTQS01bTk4LXFnZzktd2g4NM4AA7vP
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requestsEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 14 hours ago
High
Ecosystems: pypi
Packages: pgAdmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 1 day ago
GSA_kwCzR0hTQS14djY0LThwNHItOTRncc4AA7h_
pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payloadEcosystems: pypi
Packages: pgAdmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 1 day ago
High
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 1 day ago
GSA_kwCzR0hTQS0ybXZjLTU1N2ctNTYzOM4AA7ig
pgAdmin is affected by a multi-factor authentication bypass vulnerabilityEcosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 1 day ago
Low
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 3 days ago
GSA_kwCzR0hTQS13MnY4LXBocDQtcDhoY84AA7eE
Wagtail has permission check bypass when editing a model with per-field restrictions through `wagtail.contrib.settings` or `ModelViewSet`Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 3 days ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 3 days ago
GSA_kwCzR0hTQS1qeGdyLWdjajUtY3FxZ84AA7cp
nautobot has reflected Cross-site Scripting potential in all object list viewsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 3 days ago
High
Ecosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: 8 days ago
GSA_kwCzR0hTQS02YzVwLWo4dnEtcHFoas4AA7UT
python-jose algorithm confusion with OpenSSH ECDSA keysEcosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 8 days ago
GSA_kwCzR0hTQS1jandnLXFmcG0tNzM3N84AA7UU
python-jose denial of service via compressed JWE contentEcosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
GSA_kwCzR0hTQS1wcHg1LXEzNTktcHZ3as4AA7UK
vyper's range(start, start + N) reverts for negative numbersEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
GSA_kwCzR0hTQS14Y2hxLXc1cjMtNHdnM84AA7UJ
vyper performs incorrect topic logging in raw_logEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
GSA_kwCzR0hTQS1yNTZ4LWo0Mzgtdnc1bc4AA7UI
vyper performs double eval of the slice args when buffer from adhoc locationsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
GSA_kwCzR0hTQS0zd2hxLTY0cTItcWZqNs4AA7UH
vyper performs double eval of raw_args in create_from_blueprintEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
GSA_kwCzR0hTQS1tMnY5LXczNzQtNWhqOc4AA7UG
vyper default functions don't respect nonreentrancy keysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
GSA_kwCzR0hTQS01anJqLTUyeDgtbTY0aM4AA7UF
vyper performs double eval of the argument of sqrtEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 days ago
Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
GSA_kwCzR0hTQS0zZjd3LXA4dnItNHY1Zs4AA7Ss
pyLoad allows upload to arbitrary folder lead to RCEEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Moderate
Ecosystems: pypi
Packages: social-auth-app-django
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 10 days ago
GSA_kwCzR0hTQS0yZ3I4LTN3YzcteGhqM84AA7Sd
social-auth-app-django affected by Improper Handling of Case SensitivityEcosystems: pypi
Packages: social-auth-app-django
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 10 days ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 10 days ago
GSA_kwCzR0hTQS0zaDdxLXJmaDkteG00ds4AA7QQ
Synapse V2 state resolution weakness allows Denial of Service (DoS)Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 10 days ago
Moderate
Ecosystems: pypi
Packages: cg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 days ago
GSA_kwCzR0hTQS13MjI4LXJmcHgtZmhtNM4AA7QL
cg vulnerable to an Open Redirect Vulnerability on Referer HeaderEcosystems: pypi
Packages: cg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 days ago
High
Ecosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: 11 days ago
GSA_kwCzR0hTQS1wNzJxLWgzN2otM2hxN84AA7Pf
dbt uses a SQLparse version with a high vulnerabilityEcosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: 11 days ago
High
Ecosystems: pypi
Packages: storlets
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 12 days ago
GSA_kwCzR0hTQS1yZm0yLWY5NGotcWhqcM4AA7Om
OpenStack Storlets arbitrary code execution vulnerabilityEcosystems: pypi
Packages: storlets
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 12 days ago
Moderate
Ecosystems: pypi
Packages: apache-airflow-providers-ftp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS0zZ2c4LW1jODctY3EzaM4AA7OB
Improper Certificate Validation vulnerability in Apache Airflow FTP ProviderEcosystems: pypi
Packages: apache-airflow-providers-ftp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: flask-cors
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 14 days ago
GSA_kwCzR0hTQS04NHByLW00anItODVnNc4AA7Nz
flask-cors vulnerable to log injection when the log level is set to debugEcosystems: pypi
Packages: flask-cors
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 14 days ago
High
Ecosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 16 days ago
GSA_kwCzR0hTQS02Y2ptLTRweHctN3hwOc4AA7Lx
Sentry vulnerable to leaking superuser cleartext password in logsEcosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 16 days ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 16 days ago
GSA_kwCzR0hTQS03Z3B3LTh3bWMtcG04Z84AA7Ls
aiohttp Cross-site Scripting vulnerability on index pages for static file handlingEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 16 days ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 16 days ago
GSA_kwCzR0hTQS0yNTIyLW1yamMtbTY4OM4AA7Kq
Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config usedEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 16 days ago
Moderate
Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: 18 days ago
GSA_kwCzR0hTQS05M2M1LXJqMnAtdzUyeM4AA7CX
Cross-site Scripting (XSS) in mindsdb/mindsdbEcosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: 18 days ago
Critical
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
GSA_kwCzR0hTQS1yNmdwLXJmZjItcDNoZs4AA7Ca
llama-index-core Command Injection vulnerabilityEcosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: 18 days ago
GSA_kwCzR0hTQS1ocTg4LXdnN3EtZ3A0Z84AA7CC
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: 18 days ago
Moderate
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
GSA_kwCzR0hTQS1yZ3A4LXBtMjgtMzc1Oc4AA7CB
langchain vulnerable to path traversalEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
Critical
Ecosystems: pypi
Packages: bentoml
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: 18 days ago
GSA_kwCzR0hTQS1odmo1LW12dzktOTNqM84AA7CZ
Insecure deserialization in BentoMLEcosystems: pypi
Packages: bentoml
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: 18 days ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
GSA_kwCzR0hTQS1tNDljLTVjNTItNjY5Ns4AA7B8
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: 18 days ago
GSA_kwCzR0hTQS01bXZqLXdtZ2otN3E4Y84AA7CR
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: 18 days ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
GSA_kwCzR0hTQS1qNjJyLXd4cXEtZjNnZs4AA7B4
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
GSA_kwCzR0hTQS1mNDJtLW12ZnYtY2d3Nc4AA7B7
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: 18 days ago
GSA_kwCzR0hTQS1nOWNqLWNmcHAtNGcyeM4AA7B5
gradio vulnerable to Path TraversalEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: 18 days ago
Critical
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 18 days ago
GSA_kwCzR0hTQS02aDNmLTQzdnEtNTNoas4AA7CV
Directory traversal in zenmlEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 18 days ago
Moderate
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 18 days ago
GSA_kwCzR0hTQS1nM3I1LTcyaGYtcDdwMs4AA7CW
zenml Session Fixation vulnerabilityEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 18 days ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
GSA_kwCzR0hTQS1mODJyLWpqNXItNmc5N84AA7CM
mlflow Path Traversal vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 18 days ago
High
Ecosystems: pypi
Packages: gunicorn
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: 18 days ago
GSA_kwCzR0hTQS13M2gzLTRyajctNHBoNM4AA7B3
Request smuggling leading to endpoint restriction bypass in GunicornEcosystems: pypi
Packages: gunicorn
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: 18 days ago
Moderate
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: 18 days ago
GSA_kwCzR0hTQS1xaDZ4LWo4MmgtdnBmOc4AA7CK
gradio Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: 18 days ago
High
Ecosystems: pypi
Packages: sqlparse
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: 18 days ago
GSA_kwCzR0hTQS0ybTU3LWhmMjUtcGhnZ84AA7Be
sqlparse parsing heavily nested list leads to Denial of ServiceEcosystems: pypi
Packages: sqlparse
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: 18 days ago
Moderate
Ecosystems: pypi
Packages: pydantic
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 19 days ago
GSA_kwCzR0hTQS1tcjgyLThqODMtdnhtds4AA6-j
Pydantic regular expression denial of serviceEcosystems: pypi
Packages: pydantic
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 19 days ago
High
Ecosystems: pypi
Packages: nicegui
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 21 days ago
GSA_kwCzR0hTQS1td2M3LTY0d2ctcGd2as4AA69-
NiceGUI allows potential access to local file systemEcosystems: pypi
Packages: nicegui
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 21 days ago
Moderate
Ecosystems: pypi
Packages: magnum
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 22 days ago
GSA_kwCzR0hTQS1qeDd4LTlyOTgtaDV4cs4AA68u
OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attackEcosystems: pypi
Packages: magnum
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 22 days ago
Moderate
Ecosystems: pypi
Packages: idna
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: 22 days ago
GSA_kwCzR0hTQS1qamc3LTJ2NHYteDM4aM4AA670
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encodeEcosystems: pypi
Packages: idna
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: 22 days ago
Moderate
Ecosystems: pypi
Packages: dnspython, eventlet
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: 23 days ago
GSA_kwCzR0hTQS0zcnE1LTJnOGgtNTloY84AA67c
Potential DoS via the Tudoor mechanism in eventlet and dnspythonEcosystems: pypi
Packages: dnspython, eventlet
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: 23 days ago
Critical
Ecosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 24 days ago
GSA_kwCzR0hTQS1teHZ3LWNqMzctOGcyaM4AA64v
Aim Web API vulnerable to Remote Code ExecutionEcosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 24 days ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: 24 days ago
GSA_kwCzR0hTQS0zZjk1LW14cTItMmY2M84AA64H
Gradio Local File Inclusion vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: 24 days ago
High
Ecosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 24 days ago
GSA_kwCzR0hTQS05OXcyLTY3aDgtNTk0OM4AA64t
Aim Cross-Site Request Forgery vulnerability allows user to delete runs and perform other operationsEcosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 24 days ago
Low
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: 24 days ago
GSA_kwCzR0hTQS0zN3E1LXY1cW0tYzl2OM4AA649
Transformers Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: 24 days ago
Critical
Ecosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 24 days ago
GSA_kwCzR0hTQS00NmNtLXBmd3YtY2dmOM4AA64p
LiteLLM has Server-Side Template Injection vulnerability in /completions endpointEcosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 24 days ago
Critical
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 24 days ago
GSA_kwCzR0hTQS13dnB4LWc0MjctcTl3Y84AA64y
llama-index-core Prompt Injection vulnerability leading to Arbitrary Code ExecutionEcosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 24 days ago
High
Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 24 days ago
GSA_kwCzR0hTQS1oanE2LTUyZ3ctMmc3cM4AA63l
yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 24 days ago
High
Ecosystems: pypi
Packages: DIRAC
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
GSA_kwCzR0hTQS12NmYzLWdoNWgtbXF3eM4AA6wV
DIRAC: Unauthorized users can read proxy contents during generationEcosystems: pypi
Packages: DIRAC
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
High
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 26 days ago
GSA_kwCzR0hTQS1wMjh4LWhqNjgtN3ZmcM4AA6ug
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 26 days ago
Moderate
Ecosystems: pypi
Packages: pymongo
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 28 days ago
GSA_kwCzR0hTQS1jcjZmLWdmNXctdmhyY84AA6rV
PyMongo Out-of-bounds Read in the bson moduleEcosystems: pypi
Packages: pymongo
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 28 days ago
High
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 30 days ago
GSA_kwCzR0hTQS0yN2p4LWZmdzgteHJxds4AA6pB
pgAdmin Remote Code Execution (RCE) vulnerabilityEcosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 30 days ago
Moderate
Ecosystems: pypi
Packages: mobsf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 30 days ago
GSA_kwCzR0hTQS13cGZmLXdtODQteDVjeM4AA6o4
Mobile Security Framework (MobSF) vulnerable to SSRF in firebase database checkEcosystems: pypi
Packages: mobsf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 30 days ago
High
Ecosystems: pypi
Packages: voila
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 1 month ago
GSA_kwCzR0hTQS0ycTU5LWgyNGMtdzZmZ84AA6ks
Voilà Local file inclusionEcosystems: pypi
Packages: voila
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: about 1 month ago
GSA_kwCzR0hTQS00NHdtLWYyNDQteGhwM84AA6j6
Pillow buffer overflow vulnerabilityEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: about 1 month ago
High
Ecosystems: pypi
Packages: piccolo-admin
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 1 month ago
GSA_kwCzR0hTQS1wbXd3LXY2YzktN3A4M84AA6gN
Piccolo Admin's raw SVG loading may lead to complete data compromise from admin pageEcosystems: pypi
Packages: piccolo-admin
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 1 month ago
High
Ecosystems: pypi, cargo
Packages: aliyundrive-webdav
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS03M3YyLXJ4cXAtN3E0Zs4AA6dc
aliyundrive-webdav vulnerable to Command InjectionEcosystems: pypi, cargo
Packages: aliyundrive-webdav
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: about 1 month ago
GSA_kwCzR0hTQS1tcmozLWYyaDQtN3c0Nc4AA6av
Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery methodEcosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: about 1 month ago
High
Ecosystems: pypi
Packages: jupyterhub
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 1 month ago
GSA_kwCzR0hTQS03cjNoLTRwaDgtdzM4Z84AA6at
Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie TossingEcosystems: pypi
Packages: jupyterhub
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 1 month ago
High
Ecosystems: pypi
Packages: Lektor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS13djI4LTdmcHctZmo0Oc4AA6Vg
Lektor does not sanitize database path traversalEcosystems: pypi
Packages: Lektor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: about 1 month ago
GSA_kwCzR0hTQS1yMzY0LW0yajktbWY0aM4AA6Un
gradio Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 1 month ago
GSA_kwCzR0hTQS1jZmYzLTVxcnAtaHF4N84AA6TU
Apache Airflow Improper Preservation of Permissions vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: langchain-core
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: about 1 month ago
GSA_kwCzR0hTQS1xODRtLXJtdzMtNDM4Ms4AA6Si
LangChain's XMLOutputParser vulnerable to XML Entity ExpansionEcosystems: pypi
Packages: langchain-core
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
GSA_kwCzR0hTQS1tNzMyLXd2aDItN2NxNM4AA6R7
Unauthenticated views may expose information to anonymous usersEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
High
Ecosystems: pypi
Packages: ansys-geometry-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS0zOGpyLTI5Zmgtdzl2bc4AA6RX
ansys-geometry-core OS Command Injection vulnerabilityEcosystems: pypi
Packages: ansys-geometry-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: about 1 month ago
GSA_kwCzR0hTQS1qd3JjLTN2M2YtNWNxNc4AA6Ph
PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_fileEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: about 1 month ago
High
Ecosystems: pypi
Packages: mobsfscan
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS13ZmdqLXdyZ2gtaDNyM84AA6PP
SSRF Vulnerability on assetlinks_check(act_name, well_knowns)Ecosystems: pypi
Packages: mobsfscan
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: about 1 month ago
GSA_kwCzR0hTQS0zeDlnLXhmajUtZnE4NM4AA6Nf
Cross-Site Request Forgery in GradioEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: about 1 month ago
High
Ecosystems: pypi
Packages: esphome
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: about 1 month ago
GSA_kwCzR0hTQS01OTI1LTg4eGgtNmg5Oc4AA6NN
ESPHome vulnerable to Authentication bypass via Cross site request forgeryEcosystems: pypi
Packages: esphome
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: about 1 month ago
High
Ecosystems: pypi
Packages: oauthenticator
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
GSA_kwCzR0hTQS01NW0zLTQ0eGYtaGc0aM4AA6LI
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspaceEcosystems: pypi
Packages: oauthenticator
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 month ago
GSA_kwCzR0hTQS14NHg1LWp2M3gtOWM3bc4AA6LF
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary codeEcosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 month ago
GSA_kwCzR0hTQS1jcTk2LTk5NzQtdjhobc4AA6LE
Dynamic Variable Evaluation in qiskit-ibm-runtimeEcosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: jupyter-server-proxy
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 1 month ago
GSA_kwCzR0hTQS13M3ZjLWZ4OXAtd3A0ds4AA6JP
Jupyter Server Proxy's Websocket Proxying does not require authenticationEcosystems: pypi
Packages: jupyter-server-proxy
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: black
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: about 2 months ago
GSA_kwCzR0hTQS1majd4LXE5ajctZzZxNs4AA6He
Black vulnerable to Regular Expression Denial of Service (ReDoS)Ecosystems: pypi
Packages: black
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: about 2 months ago
High
Ecosystems: pypi
Packages: wiki
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: about 2 months ago
GSA_kwCzR0hTQS13ajg1LXc0ZjQteGg4aM4AA6Gp
Denial of service via regular expressionEcosystems: pypi
Packages: wiki
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 2 months ago
GSA_kwCzR0hTQS14N21mLXdyaDktcjc2Y84AA6Gj
XSS via the "Snapshot Test" feature in Classic Webcam plugin settingsEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 2 months ago
High
Ecosystems: pypi
Packages: astropy
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 2 months ago
GSA_kwCzR0hTQS1oMng2LTVqeDUtNDZoZs4AA6Gg
RCE in TranformGraph().to_dot_graph functionEcosystems: pypi
Packages: astropy
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: yaql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1tdmY2LWh3eGgtN3Y3Ns4AA6Eg
Information leakage in YAQLEcosystems: pypi
Packages: yaql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: djangorestframework-simplejwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS01dmNjLTg2d20tNTQ3cc4AA6DQ
Improper Privilege Management in djangorestframework-simplejwtEcosystems: pypi
Packages: djangorestframework-simplejwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS12bThxLW01N2ctcGZmM84AA6CU
Regular expression denial-of-service in DjangoEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: fgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS04NzlwLThndzQtbWNwd84AA6CK
fgr Vulnerable to Insecure Default Variable InitializationEcosystems: pypi
Packages: fgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: about 2 months ago
GSA_kwCzR0hTQS01aDN4LTZnd2YtNzNqbc4AA6B2
vantage6 vulnerable to a username timing attack on recover password/MFA tokenEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: about 2 months ago
GSA_kwCzR0hTQS00OTQ2LTg1cHItZnZ4aM4AA6B1
vantage6's CORS settings overly permissiveEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1waGc2LTQ0bTctaHgzaM4AA6AX
Whoogle Search Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS0zcTZnLXFtcHgtcnF3NM4AA6AY
Whoogle Search Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1oaDJxLXF2NjYtamNxZ84AA6AZ
Whoogle Search Path Traversal vulnerabilityEcosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1xOTdnLWMyOWgteDJwN84AA6Ab
Whoogle Search Path Traversal vulnerabilityEcosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1oNTc0LTY2NDYtdmZ4eM4AA6AB
Apache Airflow: Ignored Airflow PermissionEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: aiosmtpd
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 months ago
GSA_kwCzR0hTQS1wcjJtLXB4N2oteGc2Nc4AA584
aiosmtpd vulnerable to SMTP smugglingEcosystems: pypi
Packages: aiosmtpd
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 months ago
GSA_kwCzR0hTQS04ZzM4LTNtNnYtMjMyas4AA58k
Potential log injection in reset user endpoint in CKANEcosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 months ago
High
Ecosystems: pypi
Packages: mssql-django
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: about 2 months ago
GSA_kwCzR0hTQS12bXF2LTQ3ajgtZ3d2OM4AA57r
Remote Code Execution Vulnerability in Microsoft Django Backend for SQL ServerEcosystems: pypi
Packages: mssql-django
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: about 2 months ago
High
Ecosystems: pypi
Packages: weasyprint
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 2 months ago
GSA_kwCzR0hTQS0zNWpqLXd4NDctNHc4cs4AA52-
WeasyPrint allows the attachment of arbitrary files and URLs to a PDFEcosystems: pypi
Packages: weasyprint
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 2 months ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 764
Ecosystems: 12
Packages: 8,294
Repositories: 764
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
50
apache-superset
48
Plone
45
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
mlflow
31
opencv-python
30
opencv-contrib-python
30
Django
27
moin
23
langchain
18
PaddlePaddle
17
mercurial
17
cobbler
17
pillow
16
nova
15
paddlepaddle
15
notebook
15
cryptography
15
gradio
14
modoboa
14
pyftpdlib
14
keystone
14
pyload-ng
14
neutron
13
OctoPrint
12
vantage6
12
glance
11
calibreweb
11
twisted
11
urllib3
11
aiohttp
11
onionshare-cli
11
trytond
10
wagtail
10
Flask-AppBuilder
10
zope
9
opencv-contrib-python-headless
9
opencv-python-headless
9
ethyca-fides
9
waitress
9
Zope
9
kiwitcms
9
trac
8
numpy
8
python-keystoneclient
8
aubio
8
roundup
8
nautobot
8
label-studio
8
swift
7
jupyter-server
7
pysaml2
7
pgadmin4
7
lief
7
scrapy
7
ipython
7
pip
7
matrix-sydent
7
mailman
6
apache-airflow-providers-apache-hive
6
lxml
6
Zope2
6
sentry
6
tuf
6
web2py
6
horizon
6
graphite-web
6
mindsdb
6
inventree
6
bleach
5
pyspark
5
saleor
5
lmdb
5
ckan
5
requests
5
python-gnupg
5
feedparser
5
whoogle-search
5
Products.CMFPlone
5
paramiko
5
cinder
5
jupyterhub
4
tripleo-heat-templates
4
bottle
4
Radicale
4
aws-iot-device-sdk-v2
4
Pygments
4
reportlab
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
markdown2
4
awsiotsdk
4
nltk
4
starlette
4
nvflare
4
datasette
4
Jinja2
4
ansible-core
4
transformers
4
esphome
4
httpie
4
Flask-Security-Too
4
grpc
4
keylime
4
grpcio
4
oauthenticator
4
FreeTAKServer-UI
4
tornado
4
PyPDF2
4
buildbot
4
pretix
4
werkzeug
4
GitPython
4
omero-web
4
yt-dlp
4
jwcrypto
4
qutebrowser
4
mistune
3
Mezzanine
3
gerapy
3
SQLAlchemy
3
copyparty
3
django-helpdesk
3
Werkzeug
3
dulwich
3
pyyaml
3
sanic
3
flask
3
pandasai
3
mayan-edms
3
barbican
3
aim
3
indy-node
3
protobuf
3
ryu
3
streamlit
3
httplib2
3
sosreport
3
zenml
3
sickrage
3
rsa
3
Weblate
3
ujson
3
openvpn-monitor
3
Keystone
3
pyarrow
3
Products.PluggableAuthService
3
changedetection.io
3
ajenti
3
fava
3
Moin
3
pycrypto
3
mitmproxy
3
keyring
3
io.grpc:grpc-protobuf
3
wger
3
apache-libcloud
3
ecdsa
3
plone.app.event
3
plone.app.theming
3
plone.app.dexterity
3
plone.supermodel
3
sqlparse
3
homeassistant
3
onnx
3
asyncua
3
torchserve
3
ansible-runner
3
localstack
3
poetry
3
bitlyshortener
3
indico
3
octavia
3
slixmpp
3
jupyterlab
3
clearml
3
docassemble.webapp
3
apache-iotdb
3
asyncssh
3
quokka
3
pywasm3
3
apache-airflow-providers-apache-spark
3
ray
3
python-jose
3
pymatgen
2
pyxdg
2
openapi-python-client
2
wagtail-2fa
2
zope2
2
py
2
ctx
2
Filter by Repository
https://github.com/tensorflow/tensorflow
432
https://github.com/apache/airflow
90
https://github.com/django/django
74
https://github.com/ansible/ansible
53
https://github.com/python-pillow/Pillow
52
https://github.com/ikus060/rdiffweb
42
https://github.com/vyperlang/vyper
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/matrix-org/synapse
32
https://github.com/saltstack/salt
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/opencv/opencv
28
https://github.com/mlflow/mlflow
25
https://github.com/cobbler/cobbler
14
https://github.com/pyload/pyload
14
https://github.com/vantage6/vantage6
14
https://github.com/pyca/cryptography
14
https://github.com/langchain-ai/langchain
14
https://github.com/modoboa/modoboa
13
https://github.com/gradio-app/gradio
13
https://github.com/twisted/twisted
12
https://github.com/urllib3/urllib3
11
https://github.com/aio-libs/aiohttp
11
https://github.com/openstack/keystone
11
https://github.com/onionshare/onionshare
11
https://github.com/janeczku/calibre-web
11
https://github.com/jupyter/notebook
10
https://github.com/dpgaspar/Flask-AppBuilder
10
https://github.com/zopefoundation/Zope
10
https://github.com/wagtail/wagtail
10
https://github.com/giampaolo/pyftpdlib
9
https://github.com/Pylons/waitress
9
https://github.com/apache/superset
9
https://github.com/ethyca/fides
9
https://github.com/pgadmin-org/pgadmin4
9
https://github.com/scrapy/scrapy
8
https://github.com/nautobot/nautobot
8
https://github.com/octoprint/octoprint
8
https://github.com/numpy/numpy
8
https://github.com/kiwitcms/Kiwi
8
https://github.com/ipython/ipython
8
https://github.com/aubio/aubio
7
https://github.com/lief-project/LIEF
7
https://github.com/graphite-project/graphite-web
6
https://github.com/getsentry/sentry
6
https://github.com/jupyter-server/jupyter_server
6
https://github.com/lxml/lxml
6
https://github.com/pypa/pip
6
https://github.com/mindsdb/mindsdb
6
https://github.com/HumanSignal/label-studio
6
https://github.com/matrix-org/sydent
6
https://github.com/pallets/werkzeug
5
https://sourceforge.net/projects/sourceforge.net
5
https://github.com/openstack/nova
5
https://github.com/mozilla/bleach
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/hwchase17/langchain
5
https://github.com/tryton/trytond
5
https://github.com/keylime/keylime
5
https://github.com/OctoPrint/OctoPrint
5
https://github.com/openstack/horizon
5
https://github.com/benbusby/whoogle-search
5
https://github.com/yt-dlp/yt-dlp
4
https://github.com/jhpyle/docassemble
4
https://github.com/Flask-Middleware/flask-security
4
https://github.com/esphome/esphome
4
https://github.com/openstack/neutron
4
https://github.com/ckan/ckan
4
https://github.com/jupyterhub/oauthenticator
4
https://github.com/inventree/InvenTree
4
https://github.com/web2py/web2py
4
https://github.com/latchset/jwcrypto
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/WeblateOrg/weblate
4
https://github.com/Kozea/Radicale
4
https://github.com/huggingface/transformers
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/rohe/pysaml2
4
https://github.com/ronf/asyncssh
4
https://github.com/py-pdf/pypdf
4
https://github.com/bottlepy/bottle
4
https://github.com/grpc/grpc
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/simonw/datasette
4
https://github.com/tornadoweb/tornado
4
https://github.com/saleor/saleor
4
https://github.com/psf/requests
4
https://github.com/openstack/cinder
3
https://github.com/beancount/fava
3
https://github.com/encode/starlette
3
https://github.com/onnx/onnx
3
https://github.com/python/cpython
3
https://github.com/ome/omero-web
3
https://github.com/Cog-Creators/Red-DiscordBot
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/paramiko/paramiko
3
https://github.com/pallets/jinja
3
https://github.com/rochacbruno/quokka
3
https://github.com/poezio/slixmpp
3
https://github.com/pallets/flask
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/run-llama/llama_index
3
https://github.com/pretix/pretix
3
https://github.com/openstack/swift
3
https://github.com/pytorch/serve
3
https://github.com/djblets/djblets
3
https://github.com/dlitz/pycrypto
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/pyca/pyopenssl
3
https://github.com/openstack/octavia
3
https://github.com/pygments/pygments
3
https://github.com/pypa/advisory-db
3
https://github.com/openstack/glance
3
https://github.com/mitmproxy/mitmproxy
3
https://github.com/Gerapy/Gerapy
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/theupdateframework/tuf
3
https://github.com/github/securitylab
3
https://github.com/ansible/ansible-runner
3
https://github.com/trentm/python-markdown2
3
https://github.com/gventuri/pandas-ai
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/home-assistant/core
3
https://github.com/lepture/mistune
3
https://github.com/httplib2/httplib2
3
https://github.com/wasm3/wasm3
3
https://github.com/hyperledger/indy-node
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/yaml/pyyaml
3
https://github.com/9001/copyparty
3
https://github.com/zenml-io/zenml
3
https://github.com/indico/indico
3
https://github.com/jupyterlab/jupyterlab
3
https://github.com/jupyterhub/jupyterhub
3
https://github.com/streamlit/streamlit
3
https://github.com/sqlalchemy/sqlalchemy
3
https://github.com/mpdavis/python-jose
3
https://github.com/nltk/nltk
3
https://github.com/faucetsdn/ryu
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/sosreport/sos
3
https://github.com/MobSF/Mobile-Security-Framework-MobSF
3
https://github.com/furlongm/openvpn-monitor
3
https://gitlab.com/mayan-edms/mayan-edms
3
https://github.com/Kozea/CairoSVG
2
https://github.com/DataDog/guarddog
2
https://github.com/dask/distributed
2
https://github.com/pretalx/pretalx
2
https://github.com/nexB/scancode.io
2
https://github.com/plone/Products.ATContentTypes
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/ethereum/eth-abi
2
https://github.com/plone/plone.restapi
2
https://github.com/facebookresearch/ParlAI
2
https://github.com/IncludeSecurity/safeurl-python
2
https://github.com/cure53/DOMPurify
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/NVIDIA/NeMo
2
https://github.com/corydolphin/flask-cors
2
https://github.com/pyinstaller/pyinstaller
2
https://github.com/jupyterhub/jupyter-server-proxy
2
https://github.com/eventlet/eventlet
2
https://github.com/inventree/inventree
2
https://github.com/jrspruitt/ubi_reader
2
https://github.com/jpadilla/pyjwt
2
https://github.com/jelmer/dulwich
2
https://github.com/jdennis/keycloak-httpd-client-install
2
https://github.com/jaraco/keyring
2
https://github.com/openstack/magnum
2
https://github.com/mirumee/saleor
2
https://github.com/MirahezeBots/sopel-channelmgnt
2
https://github.com/geopython/OWSLib
2
https://github.com/moggers87/django-sendfile2
2
https://github.com/materialsproject/pymatgen
2
https://github.com/openstack/tripleo-heat-templates
2
https://github.com/goToMain/libosdp
2
https://github.com/marshmallow-code/webargs
2
https://github.com/django-wiki/django-wiki
2
https://github.com/OpenZeppelin/cairo-contracts
2
https://github.com/mongodb/mongo-python-driver
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/man-group/dtale
2
https://github.com/embedchain/embedchain
2
https://github.com/heartexlabs/label-studio
2
https://github.com/encode/uvicorn
2
https://github.com/html5lib/html5lib-python
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/httpie/httpie
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/DIRACGrid/DIRAC
2
https://github.com/labd/wagtail-2fa
2
https://github.com/petl-developers/petl
2
https://github.com/Netflix/lemur
2
https://github.com/piccolo-orm/piccolo
2
https://github.com/devsnd/cherrymusic
2
https://github.com/dbt-labs/dbt-core
2