Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi pyload-ng Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS0zZjd3LXA4dnItNHY1Zs4AA7Ss
pyLoad allows upload to arbitrary folder lead to RCE
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS1nM2NtLXFnMnYtMmhqNc4AA5Ev
pyLoad open redirect vulnerability due to improper validation of the is_safe_url function
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Critical
GSA_kwCzR0hTQS1wZ3BqLXY4NXEtaDVmbc4AA4kU
Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalation
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
High
GSA_kwCzR0hTQS1tcXBxLTJwNjgtNDZmds4AA4Qg
pyload Unauthenticated Flask Configuration Leakage vulnerability
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1naG13LXJ3aDgtNnFtcs4AA4PI
pyload Log Injection vulnerability
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
High
GSA_kwCzR0hTQS1oNzNtLXBjZnctMjVoMs4AA3S3
Download to arbitrary folder can lead to RCE
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS13Y202LXd2OTUtN2p3Ns4AAxNP
Cross-site Scripting in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS04djUzLTIzbXgtaGNmOc4AAxNf
Improper Certificate Validation in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS02am14LXB2Nzctd201d84AAxHU
Excessive Attack Surface in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14OXZjLTVxNzctbTd4NM4AAxHP
Improper Input Validation in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1wZjM4LTVwMjIteDZoNs4AAw-v
Code Injection in pyload-ng
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1ydjl4LXdtdzQtNDRxas4AAw74
Pyload Insufficient Session Expiration vulnerability
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oOHI5LTQ2N3ItdmpqZs4AAwv-
pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tM2c3LXdycnEtdjVjOM4AAwv4
Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Statistics
Advisories: 18,946
Packages: 8,441
Repositories: 1
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 django 80 apache-airflow 79 ansible 63 salt 53 Plone 52 apache-superset 49 nova 46 plone 43 rdiffweb 42 Pillow 41 vyper 38 matrix-synapse 35 moin 35 mlflow 33 Django 32 keystone 31 opencv-contrib-python 30 opencv-python 30 glance 19 langchain 18 PaddlePaddle 17 cobbler 17 mercurial 17 neutron 16 pillow 16 paddlepaddle 15 cryptography 15 notebook 15 gradio 15 pyftpdlib 14 pyload-ng 14 modoboa 14 vantage6 13 OctoPrint 13 swift 12 horizon 11 aiohttp 11 calibreweb 11 twisted 11 urllib3 11 onionshare-cli 11 Flask-AppBuilder 10 trytond 10 ethyca-fides 10 wagtail 10 nautobot 10 kiwitcms 9 zope 9 Zope 9 waitress 9 opencv-contrib-python-headless 9 opencv-python-headless 9 ryu 9 roundup 9 label-studio 8 aubio 8 cinder 8 python-keystoneclient 8 numpy 8 trac 8 scrapy 7 jupyter-server 7 matrix-sydent 7 lief 7 pysaml2 7 pip 7 pgadmin4 7 ipython 7 mailman 6 mindsdb 6 requests 6 apache-airflow-providers-apache-hive 6 Zope2 6 inventree 6 lxml 6 sentry 6 graphite-web 6 web2py 6 Moin 6 tuf 6 paramiko 5 saleor 5 lmdb 5 omero-web 5 python-gnupg 5 pyspark 5 feedparser 5 Jinja2 5 whoogle-search 5 ckan 5 Products.CMFPlone 5 bleach 5 pretix 4 PyPDF2 4 Keystone 4 nvflare 4 httpie 4 barbican 4 oauthenticator 4 grpcio 4 grpc 4 tripleo-heat-templates 4 Scrapy 4 Radicale 4 starlette 4 ansible-core 4 datasette 4 tornado 4 qutebrowser 4 Flask-Security-Too 4 buildbot 4 nltk 4 reportlab 4 Pygments 4 markdown2 4 keylime 4 jwcrypto 4 werkzeug 4 Werkzeug 4 bottle 4 GitPython 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 aws-iot-device-sdk-v2 4 jupyterhub 4 awsiotsdk 4 esphome 4 yt-dlp 4 FreeTAKServer-UI 4 transformers 4 pandasai 3 mayan-edms 3 indy-node 3 aim 3 pyyaml 3 localstack 3 ray 3 poetry 3 io.grpc:grpc-protobuf 3 keyring 3 plone.supermodel 3 wger 3 apache-airflow-providers-apache-spark 3 plone.app.dexterity 3 plone.app.theming 3 plone.app.event 3 asyncua 3 flask 3 changedetection.io 3 openvpn-monitor 3 sanic 3 indico 3 dbt-core 3 protobuf 3 zenml 3 pywasm3 3 httplib2 3 Weblate 3 SQLAlchemy 3 pyarrow 3 mistune 3 asyncssh 3 ujson 3 ajenti 3 django-helpdesk 3 llama-index 3 mitmproxy 3 Kallithea 3 pycrypto 3 rsa 3 sickrage 3 keystonemiddleware 3 copyparty 3 octavia 3 slixmpp 3 Nova 3 Mezzanine 3 gerapy 3 clearml 3 docassemble.webapp 3 torchserve 3 fava 3 onnx 3 quokka 3 homeassistant 3 jupyterlab 3 sqlparse 3 ecdsa 3 python-jose 3 bitlyshortener 3 ansible-runner 3 Products.PluggableAuthService 3 streamlit 3 apache-iotdb 3 dulwich 3 sosreport 3 apache-libcloud 3 archivy 2