Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi Security Advisories
Loading...
High
Ecosystems: pypi
Packages: metagpt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1nN3BoLTg0MjMtcGY0as4AA4mg
Code execution in metagptEcosystems: pypi
Packages: metagpt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
Ecosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 3 months ago
GSA_kwCzR0hTQS1yaGhqLTU0MzYtOTV2Zs4AA4mM
Code execution in EmbedchainEcosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 3 months ago
Moderate
Ecosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1yNjd3LWY5OXctbWd4as4AA4mN
ReDoS in EmbedchainEcosystems: pypi
Packages: embedchain
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
Ecosystems: pypi
Packages: llama-hub
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 3 months ago
GSA_kwCzR0hTQS0yOTd4LTJxZjMtanJqM84AA4mL
Unsafe yaml deserialization in llama-hubEcosystems: pypi
Packages: llama-hub
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 3 months ago
Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 3 months ago
GSA_kwCzR0hTQS1jaGo3LXczZjYtY3Zmas4AA4mF
Code Injection in paddlepaddleEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 3 months ago
High
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: 4 months ago
GSA_kwCzR0hTQS0zZjYzLWhmcDgtNTJqcc4AA4lV
Arbitrary Code Execution in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: 4 months ago
High
Ecosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 4 months ago
GSA_kwCzR0hTQS00NGNjLTQzcnAtNTk0N84AA4lA
JupyterLab vulnerable to potential authentication and CSRF tokens leakEcosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 4 months ago
GSA_kwCzR0hTQS00bTc3LWNtcHgtdmpjNM4AA4k_
JupyterLab vulnerable to SXSS in Markdown PreviewEcosystems: pypi
Packages: notebook, jupyterlab
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: 4 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 4 months ago
GSA_kwCzR0hTQS0ycTh2LTNncXEtNGY4cM4AA4kr
concat built-in can corrupt memory in vyperEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1wZ3BqLXY4NXEtaDVmbc4AA4kU
Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalationEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
High
Ecosystems: pypi
Packages: jupyter-lsp
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 4 months ago
GSA_kwCzR0hTQS00cWhwLTY1MnctYzIyeM4AA4jl
Unsecured endpoints in the jupyter-lsp server extensionEcosystems: pypi
Packages: jupyter-lsp
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 4 months ago
High
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 4 months ago
GSA_kwCzR0hTQS01eGZ4LTU1eDQtajIyM84AA4jV
Cross-Frame Scripting vulnerability has been found on Plone CMSEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: readthedocs-sphinx-search
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 4 months ago
GSA_kwCzR0hTQS14Z2ZtLWZqeDYtNjJtas4AA4gD
readthedocs-sphinx-search vulnerable to cross-site scripting when including search results from malicious projectsEcosystems: pypi
Packages: readthedocs-sphinx-search
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: templated_dictionary
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 4 months ago
GSA_kwCzR0hTQS03ajk4LTc0amgtY2p4aM4AA4ef
Privilege escalation for users that can access mock configurationEcosystems: pypi
Packages: templated_dictionary
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 4 months ago
Critical
Ecosystems: pypi, maven
Packages: apache-iotdb, org.apache.iotdb:iotdb-core
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: 4 months ago
GSA_kwCzR0hTQS1yeGdnLTI3M3ctcmZ3N84AA4c9
Remote Code Execution vulnerability in Apache IoTDB via UDFEcosystems: pypi, maven
Packages: apache-iotdb, org.apache.iotdb:iotdb-core
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
GSA_kwCzR0hTQS02aDRxLTYzYzUtcWZxZs4AA4bt
Path traversal in flaskcodeEcosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
High
Ecosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
GSA_kwCzR0hTQS12M3JnLXFtNDYteHJnOc4AA4bu
Path traversal in flaskcodeEcosystems: pypi
Packages: flaskcode
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 4 months ago
Low
Ecosystems: pypi
Packages: streamlit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS04cXc5LWdmN3ctNDJ4Nc4AA4a1
Minor fix to previous patch for CVE-2022-35918Ecosystems: pypi
Packages: streamlit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 4 months ago
GSA_kwCzR0hTQS1oNWM4LXJxd3AtY3A5Nc4AA4Ys
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filterEcosystems: pypi
Packages: jinja2
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 4 months ago
Low
Ecosystems: pypi
Packages: case-utils, cdo-local-uuid
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 4 months ago
GSA_kwCzR0hTQS1yZ3JmLTZtZjUtbTg4Ms4AA4Yr
cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration codeEcosystems: pypi
Packages: case-utils, cdo-local-uuid
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 4 months ago
GSA_kwCzR0hTQS0ybXFqLW02NXctamdoeM4AA4Vh
Untrusted search path under some conditions on Windows allows arbitrary code executionEcosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: aries-cloudagent
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 4 months ago
GSA_kwCzR0hTQS05N3g5LTU5cnYtcTVwbc4AA4Tl
Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VCEcosystems: pypi
Packages: aries-cloudagent
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 4 months ago
High
Ecosystems: pypi
Packages: fonttools
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 4 months ago
GSA_kwCzR0hTQS02NjczLTQ5ODMtMnZ4Nc4AA4Sn
fonttools XML External Entity Injection (XXE) VulnerabilityEcosystems: pypi
Packages: fonttools
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 4 months ago
Moderate
Ecosystems: pypi, npm
Packages: appwrite, appwrite-cli
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 4 months ago
GSA_kwCzR0hTQS1nNzc3LWNycDktbTI3Z84AA4SE
Apprite CLI makes Use of Hard-coded CredentialsEcosystems: pypi, npm
Packages: appwrite, appwrite-cli
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 4 months ago
High
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1tcXBxLTJwNjgtNDZmds4AA4Qg
pyload Unauthenticated Flask Configuration Leakage vulnerabilityEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1naG13LXJ3aDgtNnFtcs4AA4PI
pyload Log Injection vulnerabilityEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
High
Ecosystems: pypi
Packages: dtale
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 4 months ago
GSA_kwCzR0hTQS03aGZ4LWgzajMtcndxNM4AA4N6
D-Tale server-side request forgery through Web uploadsEcosystems: pypi
Packages: dtale
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: pycryptodome, pycryptodomex
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: 4 months ago
GSA_kwCzR0hTQS1qMjI1LWN2dzctcXJ4N84AA4M5
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryptionEcosystems: pypi
Packages: pycryptodome, pycryptodomex
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS12OXBnLXF3NngtdzVyMs4AA4LF
PaddlePaddle floating point exception in paddle.aminEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 4 months ago
GSA_kwCzR0hTQS0zY3I1LTI0NDYtOHBnM84AA4Kt
PaddlePaddle command injection in convert_shape_compareEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS0yNzVjLXc1bXEtdjVtMs4AA4LE
PaddlePaddle floating point exception in paddle.argmin and paddle.argmaxEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 4 months ago
GSA_kwCzR0hTQS1qNWg5LTlyMzktNDNxNc4AA4K-
PaddlePaddle command injection in get_online_pass_intervalEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS1xcHB3LWMzN2cteHdjY84AA4LH
PaddlePaddle nullptr dereference in paddle.cropEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 4 months ago
GSA_kwCzR0hTQS1yZjdwLTc5eHEtOHh3bc4AA4LC
PaddlePaddle command injection in _wget_downloadEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS1yeDJyLXE5NmMtdzVjY84AA4LB
PaddlePaddle floating point exception in paddle.topkEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 4 months ago
GSA_kwCzR0hTQS04ZnA3LWp3djItNDl4Oc4AA4LA
PaddlePaddle heap buffer overflow in paddle.repeat_interleaveEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS1yZzlxLW04aHYteHhyNs4AA4K9
PaddlePaddle floating point exception in paddle.lerpEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
High
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 4 months ago
GSA_kwCzR0hTQS00cnJ2LThnY3AtMjR2OM4AA4K4
PaddlePaddle stack overflow in paddle.searchsortedEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 4 months ago
High
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 4 months ago
GSA_kwCzR0hTQS1nNTd2LTI2ODctangzM84AA4K8
PaddlePaddle stack overflow in paddle.linalg.lu_unpackEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS1tcjc4LXY1NXAtNzc3N84AA4K5
PaddlePaddle segfault in paddle.modeEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS0yd2NqLXFyNzYtOTc2OM4AA4K6
PaddlePaddle segfault in paddle.put_along_axisEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS14M3E5LWM3ODgtajdjOM4AA4K0
PaddlePaddle segfault in paddle.dotEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS01NDdtLTIzeDctY3hnNc4AA4K3
PaddlePaddle null pointer dereference in paddle.nextafterEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS1qbTY4LWZwbXItOGoyZ84AA4K1
PaddlePaddle floating point exception in paddle.linalg.matrix_rankEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS1jNnBoLW04Y3ctcmZxaM4AA4K2
PaddlePaddle floating point exception in paddle.linalg.eigEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
GSA_kwCzR0hTQS14anB3LWh4NDctcmNjds4AA4Ks
PaddlePaddle floating point exception in paddle.nanmedianEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: hail
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 4 months ago
GSA_kwCzR0hTQS00ODdwLXF4NjgtNXZqd84AA4Jl
Hail relies on OIDC email claims to verify the validity of a user's domain.Ecosystems: pypi
Packages: hail
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 4 months ago
GSA_kwCzR0hTQS1qcHZ3LXA4cHItOWcyeM4AA4D9
Ansible symlink attack vulnerabilityEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: jwcrypto
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: 4 months ago
GSA_kwCzR0hTQS1jdzJyLTRwODItcXY3Oc4AA4Dz
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count valueEcosystems: pypi
Packages: jwcrypto
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: flask-security-too, Flask-Security-Too
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 4 months ago
GSA_kwCzR0hTQS02NzJoLTZ4ODktNzZtNc4AA4Cj
Open redirect vulnerability in Flask-Security-TooEcosystems: pypi
Packages: flask-security-too, Flask-Security-Too
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 4 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 4 months ago
GSA_kwCzR0hTQS12ZjVtLXhyaG0tdjk5Oc4AA4AF
Nautobot missing object-level permissions enforcement when running Job ButtonsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 4 months ago
High
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: 4 months ago
GSA_kwCzR0hTQS02cW0yLXdweHEtN3FoMs4AA39-
Gradio makes the `/file` secure against file traversal and server-side request forgery attacksEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: 4 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
GSA_kwCzR0hTQS01OTM4LTc5aGcteGgzcc4AA39c
Apache Airflow Improper Access Control vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
GSA_kwCzR0hTQS02bTlyLTd3cngteG1yNs4AA39d
Apache Airflow Cross-Site Request Forgery vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 5 months ago
GSA_kwCzR0hTQS04ZjU3LXdjbWctNGptaM4AA39V
Apache Airflow vulnerable to Exposure of Resource to Wrong SphereEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 5 months ago
GSA_kwCzR0hTQS1weGNoLXdyN20tcnd4as4AA39U
Apache Airflow has a stored cross-site scripting vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 5 months ago
High
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: 5 months ago
GSA_kwCzR0hTQS12NjhnLXdtOGMtNng3as4AA38Z
transformers has a Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
GSA_kwCzR0hTQS13djhxLTRmODUtMnA4cM4AA37f
MLflow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
GSA_kwCzR0hTQS1oaDhwLXA4bXAtZ3Fobc4AA37i
MLFlow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS1xZzhwLTMyZ3ItZ2g2eM4AA37h
MLflow Local File Disclosure VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS01cjNxLTkzcTMtZjk3OM4AA37c
MLflow Path Traversal VulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
GSA_kwCzR0hTQS01OXYzLTg5OHItcXdoas4AA37g
MLflow Server-Side Request Forgery (SSRF)Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 5 months ago
High
Ecosystems: pypi
Packages: emailproxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS05d2dnLW05OXEtaGhmY84AA36z
Expired tokens can be renewed without validating the account passwordEcosystems: pypi
Packages: emailproxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 5 months ago
GSA_kwCzR0hTQS0zODYzLTI0NDctNjY5cM4AA35m
transformers has a Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
GSA_kwCzR0hTQS1qZnhqLXhmNjcteDcyM84AA35f
Apache Superset SQL injection vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
High
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 5 months ago
GSA_kwCzR0hTQS1nNDlqLWo0ODktM3hwZs4AA35g
Apache Superset incorrect write permissions vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
GSA_kwCzR0hTQS05NW1nLWpnZngtNTR2Oc4AA35k
Apache Superset uncontrolled resource consumptionEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
GSA_kwCzR0hTQS1odmM2LTQydmYtamhmOM4AA35I
mlflow Command Injection vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: malojaserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS00aDcyLTM0ajYtajh4N84AA34K
Maloja error page XSS vulnerabilityEcosystems: pypi
Packages: malojaserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Moderate
Ecosystems: pypi, go, cargo
Packages: paramiko, golang.org/x/crypto, russh
Source: GitHub Advisory Database
Blast Radius: 63.5
Published: 5 months ago
GSA_kwCzR0hTQS00NXg3LXB4MzYteDh3OM4AA34H
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka TerrapinEcosystems: pypi, go, cargo
Packages: paramiko, golang.org/x/crypto, russh
Source: GitHub Advisory Database
Blast Radius: 63.5
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: asyncssh
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 5 months ago
GSA_kwCzR0hTQS1oZm1jLTc1MjUtbWo1Nc4AA34G
AsyncSSH vulnerable to Prefix Truncation Attack (a.k.a. Terrapin Attack) against ChaCha20-Poly1305 and Encrypt-then-MACEcosystems: pypi
Packages: asyncssh
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: homeassistant
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 5 months ago
GSA_kwCzR0hTQS1qcXBjLXJjN2ctdmY4M84AA321
User accounts disclosed to unauthenticated actors on the LANEcosystems: pypi
Packages: homeassistant
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS1qOHc2LTJyOWgtY3hoas4AA3ym
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 5 months ago
GSA_kwCzR0hTQS01NTR3LXhoNGotOHc2NM4AA3yh
Path traversal in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: h2o
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 5 months ago
GSA_kwCzR0hTQS1ncXJxLWo2cG0tOThjMs4AA3w5
External Control of File Name or Path in h2oai/h2o-3Ecosystems: pypi
Packages: h2o
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 5 months ago
GSA_kwCzR0hTQS1ncXZmLTNoZ3AtNWh4ds4AA3xA
Gradio Exposure of Sensitive Information to an Unauthorized Actor vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 5 months ago
GSA_kwCzR0hTQS03ZmdjLTg5Y3gtdzhqNc4AA3v5
Out of memory error when submitting the dataset form with a specially-crafted fieldEcosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 5 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 5 months ago
GSA_kwCzR0hTQS03NW1jLTNwamMtNzI3cc4AA3uo
Unauthenticated db-file-storage viewsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 5 months ago
High
Ecosystems: pypi
Packages: meraki
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 5 months ago
GSA_kwCzR0hTQS02eDRoLTk2MjItZnFyNs4AA3un
Improper validation in merakiEcosystems: pypi
Packages: meraki
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: sap-xssec
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 5 months ago
GSA_kwCzR0hTQS02bWpnLTM3Y3AtNDJ4Nc4AA3ul
Improper Privilege Management in sap-xssecEcosystems: pypi
Packages: sap-xssec
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 5 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 5 months ago
GSA_kwCzR0hTQS02bTk3LTc1MjctbWg3NM4AA3uZ
incorrect storage layout for contracts containing large arraysEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: ansible-core
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 5 months ago
GSA_kwCzR0hTQS03ajY5LXFmYzMtMmZxOc4AA3tj
Ansible template injection vulnerabilityEcosystems: pypi
Packages: ansible-core
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
GSA_kwCzR0hTQS12OTQ1LXIzcmMtNmZqbc4AA3ti
Path traversal in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: mltable
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 5 months ago
GSA_kwCzR0hTQS1tNXBjLTg2eDgtd2N4Z84AA3tX
Exposure of Sensitive Information in mltableEcosystems: pypi
Packages: mltable
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
GSA_kwCzR0hTQS1jeGZyLTVxM3ItMnJjMs4AA3r7
Jinja2 template injection in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 5 months ago
Critical
Ecosystems: pypi
Packages: sap-xssec
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 5 months ago
GSA_kwCzR0hTQS1wOTloLXBmZzYtcXJmZ84AA3r0
Privilege escalation in sap-xssecEcosystems: pypi
Packages: sap-xssec
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 9.9
Published: 5 months ago
GSA_kwCzR0hTQS1jcmhwLTdjNzQtY2c0Y84AA3q6
Improper Input Validation in mindsdbEcosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 9.9
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: 5 months ago
GSA_kwCzR0hTQS0zNG1yLTZxOHgtZzlyNs4AA3q5
Server-Side Request Forgery in mindsdbEcosystems: pypi
Packages: mindsdb
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: 5 months ago
High
Ecosystems: pypi
Packages: pyinstaller
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: 5 months ago
GSA_kwCzR0hTQS05dzJwLXJoOGMtdjlnNc4AA3pj
Local Privilege Escalation in WindowsEcosystems: pypi
Packages: pyinstaller
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: 5 months ago
Low
Ecosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 5 months ago
GSA_kwCzR0hTQS1qNGczLTNxOHgtanhxcM4AA3ow
dbt-core's secret env vars written to package-lock.json in plaintextEcosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: dockerspawner
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: 5 months ago
GSA_kwCzR0hTQS1oZmdyLWgzdmMtcDZjMs4AA3og
DockerSpawner allows any image by defaultEcosystems: pypi
Packages: dockerspawner
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 5 months ago
GSA_kwCzR0hTQS12d2hmLTN2Nngtd2ZmOM4AA3mS
Cross-site Scripting (XSS) in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 5 months ago
Moderate
Ecosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago
GSA_kwCzR0hTQS01ODQ0LXEzZmMtNTZyaM4AA3lZ
pubnub Insufficient Entropy vulnerabilityEcosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago
Low
Ecosystems: pypi
Packages: PyDrive2
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 5 months ago
GSA_kwCzR0hTQS12NWY2LWhqbWYtOW1jNc4AA3lG
PyDrive2's unsafe YAML deserialization in LoadSettingsFile allows arbitrary code executionEcosystems: pypi
Packages: PyDrive2
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: jupyter-server
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 5 months ago
GSA_kwCzR0hTQS1oNTZnLWdxOXYtdmM4cs4AA3kx
jupyter-server errors include tracebacks with path informationEcosystems: pypi
Packages: jupyter-server
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 5 months ago
High
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
GSA_kwCzR0hTQS13cXhmLTQ0N20tNmY1Zs4AA3kN
Information exposure in MLflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: 5 months ago
High
Ecosystems: pypi
Packages: fastapi-proxy-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS03dndyLWc2cG0tOWhjOM4AA3e0
Cookie leakage between different users in fastapi-proxy-libEcosystems: pypi
Packages: fastapi-proxy-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: Dpaste
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: 5 months ago
GSA_kwCzR0hTQS1yOGo5LTVjajctY3YzOc4AA3ey
Reflected XSS Vulnerability in dpasteEcosystems: pypi
Packages: Dpaste
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: 5 months ago
GSA_kwCzR0hTQS1qZmhtLTVnaGgtMmY5N84AA3Zw
cryptography vulnerable to NULL-dereference when loading PKCS7 certificatesEcosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: 5 months ago
High
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 5 months ago
GSA_kwCzR0hTQS1mNjc4LWo1NzktNHhmNc4AA3Zv
Apache Superset - Elevation of PrivilegeEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 5 months ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 764
Ecosystems: 12
Packages: 8,294
Repositories: 764
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
50
apache-superset
48
Plone
45
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
mlflow
31
opencv-python
30
opencv-contrib-python
30
Django
27
moin
23
langchain
18
PaddlePaddle
17
mercurial
17
cobbler
17
pillow
16
nova
15
paddlepaddle
15
notebook
15
cryptography
15
gradio
14
modoboa
14
pyftpdlib
14
keystone
14
pyload-ng
14
neutron
13
OctoPrint
12
vantage6
12
glance
11
calibreweb
11
twisted
11
urllib3
11
aiohttp
11
onionshare-cli
11
trytond
10
wagtail
10
Flask-AppBuilder
10
zope
9
opencv-contrib-python-headless
9
opencv-python-headless
9
ethyca-fides
9
waitress
9
Zope
9
kiwitcms
9
trac
8
numpy
8
python-keystoneclient
8
aubio
8
roundup
8
nautobot
8
label-studio
8
swift
7
jupyter-server
7
pysaml2
7
pgadmin4
7
lief
7
scrapy
7
ipython
7
pip
7
matrix-sydent
7
mailman
6
apache-airflow-providers-apache-hive
6
lxml
6
Zope2
6
sentry
6
tuf
6
web2py
6
horizon
6
graphite-web
6
mindsdb
6
inventree
6
bleach
5
pyspark
5
saleor
5
lmdb
5
ckan
5
requests
5
python-gnupg
5
feedparser
5
whoogle-search
5
Products.CMFPlone
5
paramiko
5
cinder
5
jupyterhub
4
tripleo-heat-templates
4
bottle
4
Radicale
4
aws-iot-device-sdk-v2
4
Pygments
4
reportlab
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
markdown2
4
awsiotsdk
4
nltk
4
starlette
4
nvflare
4
datasette
4
Jinja2
4
ansible-core
4
transformers
4
esphome
4
httpie
4
Flask-Security-Too
4
grpc
4
keylime
4
grpcio
4
oauthenticator
4
FreeTAKServer-UI
4
tornado
4
PyPDF2
4
buildbot
4
pretix
4
werkzeug
4
GitPython
4
omero-web
4
yt-dlp
4
jwcrypto
4
qutebrowser
4
mistune
3
Mezzanine
3
gerapy
3
SQLAlchemy
3
copyparty
3
django-helpdesk
3
Werkzeug
3
dulwich
3
pyyaml
3
sanic
3
flask
3
pandasai
3
mayan-edms
3
barbican
3
aim
3
indy-node
3
protobuf
3
ryu
3
streamlit
3
httplib2
3
sosreport
3
zenml
3
sickrage
3
rsa
3
Weblate
3
ujson
3
openvpn-monitor
3
Keystone
3
pyarrow
3
Products.PluggableAuthService
3
changedetection.io
3
ajenti
3
fava
3
Moin
3
pycrypto
3
mitmproxy
3
keyring
3
io.grpc:grpc-protobuf
3
wger
3
apache-libcloud
3
ecdsa
3
plone.app.event
3
plone.app.theming
3
plone.app.dexterity
3
plone.supermodel
3
sqlparse
3
homeassistant
3
onnx
3
asyncua
3
torchserve
3
ansible-runner
3
localstack
3
poetry
3
bitlyshortener
3
indico
3
octavia
3
slixmpp
3
jupyterlab
3
clearml
3
docassemble.webapp
3
apache-iotdb
3
asyncssh
3
quokka
3
pywasm3
3
apache-airflow-providers-apache-spark
3
ray
3
python-jose
3
pymatgen
2
pyxdg
2
openapi-python-client
2
wagtail-2fa
2
zope2
2
py
2
ctx
2
Filter by Repository
https://github.com/tensorflow/tensorflow
432
https://github.com/apache/airflow
90
https://github.com/django/django
74
https://github.com/ansible/ansible
53
https://github.com/python-pillow/Pillow
52
https://github.com/ikus060/rdiffweb
42
https://github.com/vyperlang/vyper
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/matrix-org/synapse
32
https://github.com/saltstack/salt
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/opencv/opencv
28
https://github.com/mlflow/mlflow
25
https://github.com/cobbler/cobbler
14
https://github.com/pyload/pyload
14
https://github.com/vantage6/vantage6
14
https://github.com/pyca/cryptography
14
https://github.com/langchain-ai/langchain
14
https://github.com/modoboa/modoboa
13
https://github.com/gradio-app/gradio
13
https://github.com/twisted/twisted
12
https://github.com/urllib3/urllib3
11
https://github.com/aio-libs/aiohttp
11
https://github.com/openstack/keystone
11
https://github.com/onionshare/onionshare
11
https://github.com/janeczku/calibre-web
11
https://github.com/jupyter/notebook
10
https://github.com/dpgaspar/Flask-AppBuilder
10
https://github.com/zopefoundation/Zope
10
https://github.com/wagtail/wagtail
10
https://github.com/giampaolo/pyftpdlib
9
https://github.com/Pylons/waitress
9
https://github.com/apache/superset
9
https://github.com/ethyca/fides
9
https://github.com/pgadmin-org/pgadmin4
9
https://github.com/scrapy/scrapy
8
https://github.com/nautobot/nautobot
8
https://github.com/octoprint/octoprint
8
https://github.com/numpy/numpy
8
https://github.com/kiwitcms/Kiwi
8
https://github.com/ipython/ipython
8
https://github.com/aubio/aubio
7
https://github.com/lief-project/LIEF
7
https://github.com/graphite-project/graphite-web
6
https://github.com/getsentry/sentry
6
https://github.com/jupyter-server/jupyter_server
6
https://github.com/lxml/lxml
6
https://github.com/pypa/pip
6
https://github.com/mindsdb/mindsdb
6
https://github.com/HumanSignal/label-studio
6
https://github.com/matrix-org/sydent
6
https://github.com/pallets/werkzeug
5
https://sourceforge.net/projects/sourceforge.net
5
https://github.com/openstack/nova
5
https://github.com/mozilla/bleach
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/hwchase17/langchain
5
https://github.com/tryton/trytond
5
https://github.com/keylime/keylime
5
https://github.com/OctoPrint/OctoPrint
5
https://github.com/openstack/horizon
5
https://github.com/benbusby/whoogle-search
5
https://github.com/yt-dlp/yt-dlp
4
https://github.com/jhpyle/docassemble
4
https://github.com/Flask-Middleware/flask-security
4
https://github.com/esphome/esphome
4
https://github.com/openstack/neutron
4
https://github.com/ckan/ckan
4
https://github.com/jupyterhub/oauthenticator
4
https://github.com/inventree/InvenTree
4
https://github.com/web2py/web2py
4
https://github.com/latchset/jwcrypto
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/WeblateOrg/weblate
4
https://github.com/Kozea/Radicale
4
https://github.com/huggingface/transformers
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/rohe/pysaml2
4
https://github.com/ronf/asyncssh
4
https://github.com/py-pdf/pypdf
4
https://github.com/bottlepy/bottle
4
https://github.com/grpc/grpc
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/simonw/datasette
4
https://github.com/tornadoweb/tornado
4
https://github.com/saleor/saleor
4
https://github.com/psf/requests
4
https://github.com/openstack/cinder
3
https://github.com/beancount/fava
3
https://github.com/encode/starlette
3
https://github.com/onnx/onnx
3
https://github.com/python/cpython
3
https://github.com/ome/omero-web
3
https://github.com/Cog-Creators/Red-DiscordBot
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/paramiko/paramiko
3
https://github.com/pallets/jinja
3
https://github.com/rochacbruno/quokka
3
https://github.com/poezio/slixmpp
3
https://github.com/pallets/flask
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/run-llama/llama_index
3
https://github.com/pretix/pretix
3
https://github.com/openstack/swift
3
https://github.com/pytorch/serve
3
https://github.com/djblets/djblets
3
https://github.com/dlitz/pycrypto
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/pyca/pyopenssl
3
https://github.com/openstack/octavia
3
https://github.com/pygments/pygments
3
https://github.com/pypa/advisory-db
3
https://github.com/openstack/glance
3
https://github.com/mitmproxy/mitmproxy
3
https://github.com/Gerapy/Gerapy
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/theupdateframework/tuf
3
https://github.com/github/securitylab
3
https://github.com/ansible/ansible-runner
3
https://github.com/trentm/python-markdown2
3
https://github.com/gventuri/pandas-ai
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/home-assistant/core
3
https://github.com/lepture/mistune
3
https://github.com/httplib2/httplib2
3
https://github.com/wasm3/wasm3
3
https://github.com/hyperledger/indy-node
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/yaml/pyyaml
3
https://github.com/9001/copyparty
3
https://github.com/zenml-io/zenml
3
https://github.com/indico/indico
3
https://github.com/jupyterlab/jupyterlab
3
https://github.com/jupyterhub/jupyterhub
3
https://github.com/streamlit/streamlit
3
https://github.com/sqlalchemy/sqlalchemy
3
https://github.com/mpdavis/python-jose
3
https://github.com/nltk/nltk
3
https://github.com/faucetsdn/ryu
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/sosreport/sos
3
https://github.com/MobSF/Mobile-Security-Framework-MobSF
3
https://github.com/furlongm/openvpn-monitor
3
https://gitlab.com/mayan-edms/mayan-edms
3
https://github.com/Kozea/CairoSVG
2
https://github.com/DataDog/guarddog
2
https://github.com/dask/distributed
2
https://github.com/pretalx/pretalx
2
https://github.com/nexB/scancode.io
2
https://github.com/plone/Products.ATContentTypes
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/ethereum/eth-abi
2
https://github.com/plone/plone.restapi
2
https://github.com/facebookresearch/ParlAI
2
https://github.com/IncludeSecurity/safeurl-python
2
https://github.com/cure53/DOMPurify
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/NVIDIA/NeMo
2
https://github.com/corydolphin/flask-cors
2
https://github.com/pyinstaller/pyinstaller
2
https://github.com/jupyterhub/jupyter-server-proxy
2
https://github.com/eventlet/eventlet
2
https://github.com/inventree/inventree
2
https://github.com/jrspruitt/ubi_reader
2
https://github.com/jpadilla/pyjwt
2
https://github.com/jelmer/dulwich
2
https://github.com/jdennis/keycloak-httpd-client-install
2
https://github.com/jaraco/keyring
2
https://github.com/openstack/magnum
2
https://github.com/mirumee/saleor
2
https://github.com/MirahezeBots/sopel-channelmgnt
2
https://github.com/geopython/OWSLib
2
https://github.com/moggers87/django-sendfile2
2
https://github.com/materialsproject/pymatgen
2
https://github.com/openstack/tripleo-heat-templates
2
https://github.com/goToMain/libosdp
2
https://github.com/marshmallow-code/webargs
2
https://github.com/django-wiki/django-wiki
2
https://github.com/OpenZeppelin/cairo-contracts
2
https://github.com/mongodb/mongo-python-driver
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/man-group/dtale
2
https://github.com/embedchain/embedchain
2
https://github.com/heartexlabs/label-studio
2
https://github.com/encode/uvicorn
2
https://github.com/html5lib/html5lib-python
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/httpie/httpie
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/DIRACGrid/DIRAC
2
https://github.com/labd/wagtail-2fa
2
https://github.com/petl-developers/petl
2
https://github.com/Netflix/lemur
2
https://github.com/piccolo-orm/piccolo
2
https://github.com/devsnd/cherrymusic
2
https://github.com/dbt-labs/dbt-core
2