Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi Security Advisories
Loading...
Critical
Ecosystems: pypi
Packages: consoleme
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
GSA_kwCzR0hTQS0zNzgzLTYydmMtanI3eM4AA8K_
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git commandEcosystems: pypi
Packages: consoleme
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
High
Ecosystems: pypi
Packages: wandb
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: 2 days ago
GSA_kwCzR0hTQS1jcWg5LWpmcXItaDlqas4AA8KA
Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerabilityEcosystems: pypi
Packages: wandb
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: 2 days ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 2 days ago
GSA_kwCzR0hTQS1yZnFxLXdxNnctNzJqbc4AA8J7
MLflow has a Local File Read/Path Traversal bypassEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 2 days ago
Moderate
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 2 days ago
GSA_kwCzR0hTQS1wNGp4LXE2MnAteDVqcs4AA8J5
MLflow allows low privilege users to delete any artifactEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 2 days ago
Moderate
Ecosystems: pypi
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
GSA_kwCzR0hTQS00NzI0LTdqd2MtM2Zwd84AA8Es
Grafana Spoofing originalUrl of snapshotsEcosystems: pypi
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
Moderate
Ecosystems: pypi
Packages: Scrapy
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: 4 days ago
GSA_kwCzR0hTQS0yM2o0LW13NzYtNXY3aM4AA8EP
Scrapy allows redirect following in protocols other than HTTPEcosystems: pypi
Packages: Scrapy
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: 4 days ago
Moderate
Ecosystems: pypi
Packages: Scrapy
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: 4 days ago
GSA_kwCzR0hTQS1qbTN2LXF4bWgtaHh3ds4AA8EO
Scrapy's redirects ignoring scheme-specific proxy settingsEcosystems: pypi
Packages: Scrapy
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: 4 days ago
Moderate
Ecosystems: pypi
Packages: Scrapy
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 4 days ago
GSA_kwCzR0hTQS00cXFxLTl2cWYtM2gzZs4AA8EN
Scrapy leaks the authorization header on same-domain but cross-origin redirectsEcosystems: pypi
Packages: Scrapy
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 4 days ago
High
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 4 days ago
GSA_kwCzR0hTQS0ydmpxLWhnNXctNWdtN84AA8EL
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabledEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 4 days ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 5 days ago
GSA_kwCzR0hTQS1yMmhyLTR2NDgtZmp2M84AA74u
Nautobot's BANNER_* configuration can be used to inject arbitrary HTML content into Nautobot pagesEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 5 days ago
Critical
Ecosystems: pypi
Packages: llama-cpp-python
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 5 days ago
GSA_kwCzR0hTQS01NnhnLXdmY2MtZzgyOc4AA74j
llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model MetadataEcosystems: pypi
Packages: llama-cpp-python
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 5 days ago
Critical
Ecosystems: pypi
Packages: frigate
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 9 days ago
GSA_kwCzR0hTQS13NGg2LTl3cnAtdjVqcc4AA74M
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of ServiceEcosystems: pypi
Packages: frigate
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 9 days ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 11 days ago
GSA_kwCzR0hTQS0yOTlxLTNwOTYtNTg5OM4AA70V
Apache Superset Incorrect Authorization vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 11 days ago
High
Ecosystems: pypi
Packages: html-sanitizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
GSA_kwCzR0hTQS13dmh4LXE0MjctZmdoM84AA7xy
Arbitrary HTML present after sanitization because of unicode normalizationEcosystems: pypi
Packages: html-sanitizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
High
Ecosystems: pypi
Packages: Werkzeug
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: 12 days ago
GSA_kwCzR0hTQS0yZzY4LWMzcWMtODk4Nc4AA7xx
Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domainEcosystems: pypi
Packages: Werkzeug
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: 12 days ago
Moderate
Ecosystems: pypi
Packages: Jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 12 days ago
GSA_kwCzR0hTQS1oNzV2LTN2dmotNW1mas4AA7xw
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filterEcosystems: pypi
Packages: Jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 12 days ago
High
Ecosystems: pypi
Packages: litestar, starlite
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 12 days ago
GSA_kwCzR0hTQS04M3B2LXFyMzMtMnZjZs4AA7xv
Litestar and Starlite vulnerable to Path TraversalEcosystems: pypi
Packages: litestar, starlite
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 12 days ago
Moderate
Ecosystems: pypi
Packages: nebari
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
GSA_kwCzR0hTQS12amM0LTN2Z3gtcHE5aM4AA7wx
Nebari prints temporary Keycloak root passwordEcosystems: pypi
Packages: nebari
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
Moderate
Ecosystems: pypi
Packages: wordops
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
GSA_kwCzR0hTQS0yM3FxLXA0Z3EtZ2MyZ84AA7w2
WordOps has TOCTOU race conditionEcosystems: pypi
Packages: wordops
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
Moderate
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: 13 days ago
GSA_kwCzR0hTQS0zNHJmLXAzcjMtNTh4Ms4AA7wl
Gradio's Component Server does not properly consider` _is_server_fn` for functionsEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS1mZ3B3LWN4M3Ytd2o5Nc4AA7wX
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS01OXAyLXY2MngtZ3hqOM4AA7wY
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS1tOXZtLThtdjktdjV2M84AA7wT
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS03aG1tLXdnMjMtMnc3bc4AA7wS
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS1jN3c2LTMzajMtajNteM4AA7wU
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS1mZnA5LXBmcTktZzJ3d84AA7wV
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
High
Ecosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: 15 days ago
GSA_kwCzR0hTQS03cGMzLXByM3EtNTh2Z84AA7v3
sagemaker-python-sdk Command Injection vulnerabilityEcosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: 15 days ago
High
Ecosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: 15 days ago
GSA_kwCzR0hTQS13anZ4LWpocGotcjU0cs4AA7v2
sagemaker-python-sdk vulnerable to Deserialization of Untrusted DataEcosystems: pypi
Packages: sagemaker
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: 15 days ago
Low
Ecosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 15 days ago
GSA_kwCzR0hTQS1nN3Z2LTJ2N3gtZ2o5cM4AA7v0
tqdm CLI arguments injection attackEcosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 15 days ago
Moderate
Ecosystems: pypi
Packages: changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
GSA_kwCzR0hTQS1wd2djLXc0eDktZ3c2N84AA7vS
changedetection.io Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
High
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: 15 days ago
GSA_kwCzR0hTQS01bTk4LXFnZzktd2g4NM4AA7vP
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requestsEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: 15 days ago
High
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 16 days ago
GSA_kwCzR0hTQS0ybXZjLTU1N2ctNTYzOM4AA7ig
pgAdmin is affected by a multi-factor authentication bypass vulnerabilityEcosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 16 days ago
High
Ecosystems: pypi
Packages: pgAdmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 16 days ago
GSA_kwCzR0hTQS14djY0LThwNHItOTRncc4AA7h_
pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payloadEcosystems: pypi
Packages: pgAdmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 16 days ago
Low
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 17 days ago
GSA_kwCzR0hTQS13MnY4LXBocDQtcDhoY84AA7eE
Wagtail has permission check bypass when editing a model with per-field restrictions through `wagtail.contrib.settings` or `ModelViewSet`Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 17 days ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 17 days ago
GSA_kwCzR0hTQS1qeGdyLWdjajUtY3FxZ84AA7cp
nautobot has reflected Cross-site Scripting potential in all object list viewsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 17 days ago
Moderate
Ecosystems: pypi
Packages: dcnnt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
GSA_kwCzR0hTQS04cDQyLTc1OTctcDJmNs4AA7Wb
dcnnt-py is vulnerable to command injection via Notification HandlerEcosystems: pypi
Packages: dcnnt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
High
Ecosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: 22 days ago
GSA_kwCzR0hTQS02YzVwLWo4dnEtcHFoas4AA7UT
python-jose algorithm confusion with OpenSSH ECDSA keysEcosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: 22 days ago
Moderate
Ecosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 22 days ago
GSA_kwCzR0hTQS1jandnLXFmcG0tNzM3N84AA7UU
python-jose denial of service via compressed JWE contentEcosystems: pypi
Packages: python-jose
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 22 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
GSA_kwCzR0hTQS1wcHg1LXEzNTktcHZ3as4AA7UK
vyper's range(start, start + N) reverts for negative numbersEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
GSA_kwCzR0hTQS14Y2hxLXc1cjMtNHdnM84AA7UJ
vyper performs incorrect topic logging in raw_logEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
GSA_kwCzR0hTQS1yNTZ4LWo0Mzgtdnc1bc4AA7UI
vyper performs double eval of the slice args when buffer from adhoc locationsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
GSA_kwCzR0hTQS0zd2hxLTY0cTItcWZqNs4AA7UH
vyper performs double eval of raw_args in create_from_blueprintEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
GSA_kwCzR0hTQS1tMnY5LXczNzQtNWhqOc4AA7UG
vyper default functions don't respect nonreentrancy keysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
GSA_kwCzR0hTQS01anJqLTUyeDgtbTY0aM4AA7UF
vyper performs double eval of the argument of sqrtEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 23 days ago
Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 24 days ago
GSA_kwCzR0hTQS0zZjd3LXA4dnItNHY1Zs4AA7Ss
pyLoad allows upload to arbitrary folder lead to RCEEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 24 days ago
Moderate
Ecosystems: pypi
Packages: social-auth-app-django
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 24 days ago
GSA_kwCzR0hTQS0yZ3I4LTN3YzcteGhqM84AA7Sd
social-auth-app-django affected by Improper Handling of Case SensitivityEcosystems: pypi
Packages: social-auth-app-django
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 24 days ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 25 days ago
GSA_kwCzR0hTQS0zaDdxLXJmaDkteG00ds4AA7QQ
Synapse V2 state resolution weakness allows Denial of Service (DoS)Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 25 days ago
Moderate
Ecosystems: pypi
Packages: cg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
GSA_kwCzR0hTQS13MjI4LXJmcHgtZmhtNM4AA7QL
cg vulnerable to an Open Redirect Vulnerability on Referer HeaderEcosystems: pypi
Packages: cg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
High
Ecosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: 26 days ago
GSA_kwCzR0hTQS1wNzJxLWgzN2otM2hxN84AA7Pf
dbt uses a SQLparse version with a high vulnerabilityEcosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: 26 days ago
High
Ecosystems: pypi
Packages: storlets
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 26 days ago
GSA_kwCzR0hTQS1yZm0yLWY5NGotcWhqcM4AA7Om
OpenStack Storlets arbitrary code execution vulnerabilityEcosystems: pypi
Packages: storlets
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 26 days ago
Moderate
Ecosystems: pypi
Packages: apache-airflow-providers-ftp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 27 days ago
GSA_kwCzR0hTQS0zZ2c4LW1jODctY3EzaM4AA7OB
Improper Certificate Validation vulnerability in Apache Airflow FTP ProviderEcosystems: pypi
Packages: apache-airflow-providers-ftp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 27 days ago
Moderate
Ecosystems: pypi
Packages: flask-cors
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 29 days ago
GSA_kwCzR0hTQS04NHByLW00anItODVnNc4AA7Nz
flask-cors vulnerable to log injection when the log level is set to debugEcosystems: pypi
Packages: flask-cors
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 29 days ago
High
Ecosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 30 days ago
GSA_kwCzR0hTQS02Y2ptLTRweHctN3hwOc4AA7Lx
Sentry vulnerable to leaking superuser cleartext password in logsEcosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 30 days ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 30 days ago
GSA_kwCzR0hTQS03Z3B3LTh3bWMtcG04Z84AA7Ls
aiohttp Cross-site Scripting vulnerability on index pages for static file handlingEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 30 days ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS0yNTIyLW1yamMtbTY4OM4AA7Kq
Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config usedEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 month ago
GSA_kwCzR0hTQS05M2M1LXJqMnAtdzUyeM4AA7CX
Cross-site Scripting (XSS) in mindsdb/mindsdbEcosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: about 1 month ago
GSA_kwCzR0hTQS1ocTg4LXdnN3EtZ3A0Z84AA7CC
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1yNmdwLXJmZjItcDNoZs4AA7Ca
llama-index-core Command Injection vulnerabilityEcosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
GSA_kwCzR0hTQS1yZ3A4LXBtMjgtMzc1Oc4AA7CB
langchain vulnerable to path traversalEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
GSA_kwCzR0hTQS1qNjJyLXd4cXEtZjNnZs4AA7B4
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: about 1 month ago
GSA_kwCzR0hTQS01bXZqLXdtZ2otN3E4Y84AA7CR
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: bentoml
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 1 month ago
GSA_kwCzR0hTQS1odmo1LW12dzktOTNqM84AA7CZ
Insecure deserialization in BentoMLEcosystems: pypi
Packages: bentoml
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 1 month ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 1 month ago
GSA_kwCzR0hTQS1nOWNqLWNmcHAtNGcyeM4AA7B5
gradio vulnerable to Path TraversalEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 1 month ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
GSA_kwCzR0hTQS1mNDJtLW12ZnYtY2d3Nc4AA7B7
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
GSA_kwCzR0hTQS1tNDljLTVjNTItNjY5Ns4AA7B8
mlflow vulnerable to Path TraversalEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: about 1 month ago
GSA_kwCzR0hTQS02aDNmLTQzdnEtNTNoas4AA7CV
Directory traversal in zenmlEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: about 1 month ago
GSA_kwCzR0hTQS1nM3I1LTcyaGYtcDdwMs4AA7CW
zenml Session Fixation vulnerabilityEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: about 1 month ago
High
Ecosystems: pypi
Packages: gunicorn
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 1 month ago
GSA_kwCzR0hTQS13M2gzLTRyajctNHBoNM4AA7B3
Request smuggling leading to endpoint restriction bypass in GunicornEcosystems: pypi
Packages: gunicorn
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: about 1 month ago
GSA_kwCzR0hTQS1xaDZ4LWo4MmgtdnBmOc4AA7CK
gradio Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: about 1 month ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
GSA_kwCzR0hTQS1mODJyLWpqNXItNmc5N84AA7CM
mlflow Path Traversal vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 1 month ago
High
Ecosystems: pypi
Packages: sqlparse
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: about 1 month ago
GSA_kwCzR0hTQS0ybTU3LWhmMjUtcGhnZ84AA7Be
sqlparse parsing heavily nested list leads to Denial of ServiceEcosystems: pypi
Packages: sqlparse
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: pydantic
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 1 month ago
GSA_kwCzR0hTQS1tcjgyLThqODMtdnhtds4AA6-j
Pydantic regular expression denial of serviceEcosystems: pypi
Packages: pydantic
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 1 month ago
High
Ecosystems: pypi
Packages: nicegui
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 1 month ago
GSA_kwCzR0hTQS1td2M3LTY0d2ctcGd2as4AA69-
NiceGUI allows potential access to local file systemEcosystems: pypi
Packages: nicegui
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: magnum
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 1 month ago
GSA_kwCzR0hTQS1qeDd4LTlyOTgtaDV4cs4AA68u
OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attackEcosystems: pypi
Packages: magnum
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: idna
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: about 1 month ago
GSA_kwCzR0hTQS1qamc3LTJ2NHYteDM4aM4AA670
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encodeEcosystems: pypi
Packages: idna
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: dnspython, eventlet
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 1 month ago
GSA_kwCzR0hTQS0zcnE1LTJnOGgtNTloY84AA67c
Potential DoS via the Tudoor mechanism in eventlet and dnspythonEcosystems: pypi
Packages: dnspython, eventlet
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS13dnB4LWc0MjctcTl3Y84AA64y
llama-index-core Prompt Injection vulnerability leading to Arbitrary Code ExecutionEcosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: about 1 month ago
GSA_kwCzR0hTQS1teHZ3LWNqMzctOGcyaM4AA64v
Aim Web API vulnerable to Remote Code ExecutionEcosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: about 1 month ago
GSA_kwCzR0hTQS0zN3E1LXY1cW0tYzl2OM4AA649
Transformers Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: about 1 month ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 1 month ago
GSA_kwCzR0hTQS0zZjk1LW14cTItMmY2M84AA64H
Gradio Local File Inclusion vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS00NmNtLXBmd3YtY2dmOM4AA64p
LiteLLM has Server-Side Template Injection vulnerability in /completions endpointEcosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: about 1 month ago
GSA_kwCzR0hTQS05OXcyLTY3aDgtNTk0OM4AA64t
Aim Cross-Site Request Forgery vulnerability allows user to delete runs and perform other operationsEcosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: about 1 month ago
High
Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: about 1 month ago
GSA_kwCzR0hTQS1oanE2LTUyZ3ctMmc3cM4AA63l
yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: about 1 month ago
High
Ecosystems: pypi
Packages: DIRAC
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS12NmYzLWdoNWgtbXF3eM4AA6wV
DIRAC: Unauthorized users can read proxy contents during generationEcosystems: pypi
Packages: DIRAC
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: about 1 month ago
GSA_kwCzR0hTQS1wMjh4LWhqNjgtN3ZmcM4AA6ug
Ryu Infinite Loop vulnerabilityEcosystems: pypi
Packages: ryu
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: pymongo
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 1 month ago
GSA_kwCzR0hTQS1jcjZmLWdmNXctdmhyY84AA6rV
PyMongo Out-of-bounds Read in the bson moduleEcosystems: pypi
Packages: pymongo
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 1 month ago
High
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 month ago
GSA_kwCzR0hTQS0yN2p4LWZmdzgteHJxds4AA6pB
pgAdmin Remote Code Execution (RCE) vulnerabilityEcosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: mobsf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS13cGZmLXdtODQteDVjeM4AA6o4
Mobile Security Framework (MobSF) vulnerable to SSRF in firebase database checkEcosystems: pypi
Packages: mobsf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: pypi
Packages: voila
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 1 month ago
GSA_kwCzR0hTQS0ycTU5LWgyNGMtdzZmZ84AA6ks
Voilà Local file inclusionEcosystems: pypi
Packages: voila
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: about 2 months ago
GSA_kwCzR0hTQS00NHdtLWYyNDQteGhwM84AA6j6
Pillow buffer overflow vulnerabilityEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: about 2 months ago
High
Ecosystems: pypi
Packages: piccolo-admin
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 2 months ago
GSA_kwCzR0hTQS1wbXd3LXY2YzktN3A4M84AA6gN
Piccolo Admin's raw SVG loading may lead to complete data compromise from admin pageEcosystems: pypi
Packages: piccolo-admin
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 2 months ago
High
Ecosystems: pypi, cargo
Packages: aliyundrive-webdav
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS03M3YyLXJ4cXAtN3E0Zs4AA6dc
aliyundrive-webdav vulnerable to Command InjectionEcosystems: pypi, cargo
Packages: aliyundrive-webdav
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: about 2 months ago
GSA_kwCzR0hTQS1tcmozLWYyaDQtN3c0Nc4AA6av
Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery methodEcosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: about 2 months ago
High
Ecosystems: pypi
Packages: jupyterhub
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 2 months ago
GSA_kwCzR0hTQS03cjNoLTRwaDgtdzM4Z84AA6at
Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie TossingEcosystems: pypi
Packages: jupyterhub
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 2 months ago
High
Ecosystems: pypi
Packages: Lektor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS13djI4LTdmcHctZmo0Oc4AA6Vg
Lektor does not sanitize database path traversalEcosystems: pypi
Packages: Lektor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: about 2 months ago
GSA_kwCzR0hTQS1yMzY0LW0yajktbWY0aM4AA6Un
gradio Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 months ago
GSA_kwCzR0hTQS1jZmYzLTVxcnAtaHF4N84AA6TU
Apache Airflow Improper Preservation of Permissions vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 months ago
Moderate
Ecosystems: pypi
Packages: langchain-core
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: about 2 months ago
GSA_kwCzR0hTQS1xODRtLXJtdzMtNDM4Ms4AA6Si
LangChain's XMLOutputParser vulnerable to XML Entity ExpansionEcosystems: pypi
Packages: langchain-core
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 months ago
GSA_kwCzR0hTQS1tNzMyLXd2aDItN2NxNM4AA6R7
Unauthenticated views may expose information to anonymous usersEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 months ago
High
Ecosystems: pypi
Packages: ansys-geometry-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS0zOGpyLTI5Zmgtdzl2bc4AA6RX
ansys-geometry-core OS Command Injection vulnerabilityEcosystems: pypi
Packages: ansys-geometry-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 779
Ecosystems: 12
Packages: 8,381
Repositories: 779
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
53
Plone
52
apache-superset
49
nova
45
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
moin
34
mlflow
33
Django
30
opencv-python
30
opencv-contrib-python
30
keystone
30
langchain
18
glance
18
mercurial
17
PaddlePaddle
17
cobbler
17
pillow
16
neutron
16
cryptography
15
paddlepaddle
15
gradio
15
notebook
15
modoboa
14
pyftpdlib
14
pyload-ng
14
OctoPrint
13
vantage6
12
swift
12
aiohttp
11
onionshare-cli
11
twisted
11
calibreweb
11
urllib3
11
horizon
11
wagtail
10
trytond
10
Flask-AppBuilder
10
ethyca-fides
9
zope
9
waitress
9
Zope
9
kiwitcms
9
opencv-contrib-python-headless
9
opencv-python-headless
9
ryu
9
roundup
9
nautobot
9
label-studio
8
cinder
8
trac
8
numpy
8
aubio
8
python-keystoneclient
8
scrapy
7
pgadmin4
7
jupyter-server
7
ipython
7
lief
7
matrix-sydent
7
pysaml2
7
pip
7
inventree
6
mindsdb
6
sentry
6
apache-airflow-providers-apache-hive
6
Zope2
6
tuf
6
web2py
6
lxml
6
graphite-web
6
mailman
6
Moin
6
feedparser
5
python-gnupg
5
bleach
5
Products.CMFPlone
5
saleor
5
paramiko
5
pyspark
5
Jinja2
5
requests
5
lmdb
5
whoogle-search
5
ckan
5
barbican
4
tripleo-heat-templates
4
starlette
4
Scrapy
4
jupyterhub
4
oauthenticator
4
httpie
4
keylime
4
FreeTAKServer-UI
4
PyPDF2
4
omero-web
4
transformers
4
grpcio
4
markdown2
4
qutebrowser
4
grpc
4
tornado
4
werkzeug
4
yt-dlp
4
nvflare
4
nltk
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
datasette
4
esphome
4
Keystone
4
GitPython
4
Radicale
4
reportlab
4
aws-iot-device-sdk-v2
4
ansible-core
4
jwcrypto
4
Pygments
4
Werkzeug
4
buildbot
4
pretix
4
bottle
4
awsiotsdk
4
Flask-Security-Too
4
ecdsa
3
ujson
3
ray
3
Weblate
3
ajenti
3
asyncssh
3
pyarrow
3
Kallithea
3
sanic
3
changedetection.io
3
sosreport
3
flask
3
io.grpc:grpc-protobuf
3
onnx
3
sickrage
3
Mezzanine
3
mistune
3
openvpn-monitor
3
streamlit
3
copyparty
3
Nova
3
indy-node
3
aim
3
localstack
3
mayan-edms
3
pandasai
3
poetry
3
protobuf
3
gerapy
3
bitlyshortener
3
indico
3
jupyterlab
3
pywasm3
3
python-jose
3
keyring
3
wger
3
asyncua
3
apache-iotdb
3
Products.PluggableAuthService
3
rsa
3
fava
3
keystonemiddleware
3
pyyaml
3
apache-airflow-providers-apache-spark
3
docassemble.webapp
3
quokka
3
clearml
3
SQLAlchemy
3
dulwich
3
django-helpdesk
3
ansible-runner
3
slixmpp
3
sqlparse
3
octavia
3
homeassistant
3
torchserve
3
pycrypto
3
apache-libcloud
3
plone.supermodel
3
plone.app.dexterity
3
plone.app.event
3
zenml
3
mitmproxy
3
httplib2
3
plone.app.theming
3
django-unicorn
2
piccolo
2
cabot
2
Filter by Repository
https://github.com/tensorflow/tensorflow
432
https://github.com/django/django
95
https://github.com/apache/airflow
90
https://github.com/ansible/ansible
53
https://github.com/python-pillow/Pillow
52
https://github.com/ikus060/rdiffweb
42
https://github.com/vyperlang/vyper
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/openstack/nova
36
https://github.com/matrix-org/synapse
32
https://github.com/saltstack/salt
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/opencv/opencv
28
https://github.com/openstack/keystone
27
https://github.com/mlflow/mlflow
27
https://github.com/cobbler/cobbler
14
https://github.com/langchain-ai/langchain
14
https://github.com/vantage6/vantage6
14
https://github.com/pyca/cryptography
14
https://github.com/pyload/pyload
14
https://github.com/gradio-app/gradio
14
https://github.com/modoboa/modoboa
13
https://github.com/twisted/twisted
12
https://github.com/aio-libs/aiohttp
11
https://github.com/urllib3/urllib3
11
https://github.com/onionshare/onionshare
11
https://github.com/scrapy/scrapy
11
https://github.com/janeczku/calibre-web
11
https://github.com/jupyter/notebook
10
https://github.com/openstack/glance
10
https://github.com/dpgaspar/Flask-AppBuilder
10
https://github.com/zopefoundation/Zope
10
https://github.com/wagtail/wagtail
10
https://github.com/apache/superset
9
https://github.com/nautobot/nautobot
9
https://github.com/pgadmin-org/pgadmin4
9
https://github.com/Pylons/waitress
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/faucetsdn/ryu
9
https://github.com/openstack/horizon
9
https://github.com/ethyca/fides
9
https://github.com/kiwitcms/Kiwi
8
https://github.com/ipython/ipython
8
https://github.com/numpy/numpy
8
https://github.com/octoprint/octoprint
8
https://github.com/openstack/neutron
7
https://github.com/lief-project/LIEF
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/aubio/aubio
7
https://github.com/openstack/swift
7
https://github.com/lxml/lxml
6
https://github.com/OctoPrint/OctoPrint
6
https://github.com/jupyter-server/jupyter_server
6
https://github.com/pypa/pip
6
https://github.com/openstack/cinder
6
https://github.com/HumanSignal/label-studio
6
https://github.com/graphite-project/graphite-web
6
https://github.com/matrix-org/sydent
6
https://github.com/getsentry/sentry
6
https://github.com/mindsdb/mindsdb
6
https://github.com/pallets/werkzeug
6
https://github.com/mozilla/bleach
5
https://github.com/hwchase17/langchain
5
https://github.com/benbusby/whoogle-search
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/tryton/trytond
5
https://github.com/keylime/keylime
5
https://github.com/ckan/ckan
4
https://github.com/Flask-Middleware/flask-security
4
https://github.com/esphome/esphome
4
https://github.com/latchset/jwcrypto
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/py-pdf/pypdf
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/rohe/pysaml2
4
https://github.com/huggingface/transformers
4
https://github.com/ronf/asyncssh
4
https://github.com/simonw/datasette
4
https://github.com/grpc/grpc
4
https://github.com/bottlepy/bottle
4
https://github.com/psf/requests
4
https://github.com/saleor/saleor
4
https://github.com/jhpyle/docassemble
4
https://github.com/yt-dlp/yt-dlp
4
https://github.com/inventree/InvenTree
4
https://github.com/WeblateOrg/weblate
4
https://github.com/web2py/web2py
4
https://github.com/Kozea/Radicale
4
https://github.com/tornadoweb/tornado
4
https://github.com/pallets/jinja
4
https://github.com/jupyterhub/oauthenticator
4
https://sourceforge.net/projects/roject
3
https://github.com/gventuri/pandas-ai
3
https://gitlab.com/mayan-edms/mayan-edms
3
https://github.com/trentm/python-markdown2
3
https://github.com/pygments/pygments
3
https://github.com/MobSF/Mobile-Security-Framework-MobSF
3
https://github.com/ansible/ansible-runner
3
https://github.com/pyca/pyopenssl
3
https://github.com/home-assistant/core
3
https://github.com/ome/omero-web
3
https://github.com/djblets/djblets
3
https://github.com/pretix/pretix
3
https://github.com/indico/indico
3
https://github.com/beancount/fava
3
https://github.com/furlongm/openvpn-monitor
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/github/securitylab
3
https://github.com/pytorch/serve
3
https://github.com/nltk/nltk
3
https://github.com/wasm3/wasm3
3
https://github.com/python/cpython
3
https://github.com/Cog-Creators/Red-DiscordBot
3
https://github.com/jupyterlab/jupyterlab
3
https://github.com/jupyterhub/jupyterhub
3
https://github.com/Gerapy/Gerapy
3
https://github.com/mitmproxy/mitmproxy
3
https://github.com/rochacbruno/quokka
3
https://github.com/openstack/octavia
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/encode/starlette
3
https://github.com/pypa/advisory-db
3
https://github.com/run-llama/llama_index
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/dlitz/pycrypto
3
https://github.com/mpdavis/python-jose
3
https://github.com/pallets/flask
3
https://github.com/lepture/mistune
3
https://github.com/sqlalchemy/sqlalchemy
3
https://github.com/hyperledger/indy-node
3
https://github.com/9001/copyparty
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/yaml/pyyaml
3
https://github.com/sosreport/sos
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/theupdateframework/tuf
3
https://github.com/onnx/onnx
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/httplib2/httplib2
3
https://github.com/poezio/slixmpp
3
https://github.com/streamlit/streamlit
3
https://github.com/paramiko/paramiko
3
https://github.com/zenml-io/zenml
3
https://github.com/ethereum/eth-abi
2
https://github.com/openstack/magnum
2
https://github.com/mirumee/saleor
2
https://github.com/petl-developers/petl
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/pytest-dev/py
2
https://github.com/piccolo-orm/piccolo
2
https://github.com/eventlet/eventlet
2
https://github.com/MirahezeBots/sopel-channelmgnt
2
https://github.com/embedchain/embedchain
2
https://github.com/python-imaging/Pillow
2
https://github.com/python-ldap/python-ldap
2
https://github.com/facebookresearch/ParlAI
2
https://github.com/python-poetry/poetry
2
https://github.com/clinical-genomics/scout
2
https://github.com/DIRACGrid/DIRAC
2
https://github.com/encode/uvicorn
2
https://github.com/pretalx/pretalx
2
https://github.com/django-wiki/django-wiki
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/mongodb/mongo-python-driver
2
https://github.com/OpenZeppelin/cairo-contracts
2
https://github.com/dask/distributed
2
https://github.com/DataDog/guarddog
2
https://github.com/moggers87/django-sendfile2
2
https://github.com/openstack/tripleo-heat-templates
2
https://github.com/Netflix/lemur
2
https://github.com/cure53/DOMPurify
2
https://github.com/plone/Products.ATContentTypes
2
https://github.com/pyinstaller/pyinstaller
2
https://github.com/corydolphin/flask-cors
2
https://github.com/plone/plone.restapi
2
https://github.com/openstack/barbican
2
https://github.com/dbt-labs/dbt-core
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/geopython/OWSLib
2
https://github.com/openstack/ossa
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/nexB/scancode.io
2
https://github.com/devsnd/cherrymusic
2
https://github.com/NVIDIA/NeMo
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/stchris/untangle
2
https://github.com/warner/python-ecdsa
2
https://github.com/starkbank/ecdsa-python
2
https://github.com/aws/aws-encryption-sdk-cli
2
https://github.com/snowflakedb/snowflake-connector-python
2
https://github.com/jupyterhub/jupyter-server-proxy
2
https://github.com/aws/sagemaker-python-sdk
2
https://github.com/simplegeo/python-oauth2
2
https://github.com/httpie/httpie
2