pypi
755,850 packages · pypi.org
Security Advisories in pypi
Moderate
over 1 year ago
urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects
pypi
urllib3
High
over 1 year ago
LNbits improperly handles potential network and payment failures when using Eclair backend
pypi
lnbits
High
over 1 year ago
langchain_experimental Code Execution via Python REPL access
pypi
langchain-experimental
Low
over 1 year ago
Apache Airflow does not return the "Cache-Control" header for dynamic content
pypi
apache-airflow
Moderate
over 1 year ago
Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components
pypi
invenio-communities
High
over 1 year ago
Globus `identity_provider` restriction ignored when used with `allow_all` in JupyterHub 5.0
pypi
oauthenticator
Critical
over 1 year ago
Apache Submarine Server Core Incorrect Authorization vulnerability
pypi, maven
apache-submarine, org.apache.submarine:submarine-server-core
Critical
over 1 year ago
Jupyter Server Proxy has a reflected XSS issue in host parameter
pypi
jupyter-server-proxy
Critical
over 1 year ago
document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection
pypi
document-merge-service
Moderate
over 1 year ago
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
nuget, maven, npm, pypi
Azure.Identity, com.azure:azure-identity, @azure/identity, azure-identity
Moderate
over 1 year ago
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
pypi
tornado
High
over 1 year ago
onnx allows Arbitrary File Overwrite in download_model_with_test_data
pypi
onnx
Moderate
over 1 year ago
Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever
pypi
langchain-community
High
over 1 year ago
Jupyter server on Windows discloses Windows user password hash
pypi
jupyter_server
Moderate
over 1 year ago
path traversal vulnerability was identified in the parisneo/lollms-webui
pypi
lollms
Moderate
over 1 year ago
code injection vulnerability exists in the huggingface/text-generation-inference repository
pypi
text-generation
Moderate
over 1 year ago
Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`
pypi
wagtail
Moderate
over 1 year ago
Sensitive Data Disclosure Vulnerability in Connection Configuration Endpoints
pypi
ethyca-fides
Moderate
over 1 year ago
Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects
pypi
nautobot
Low
over 1 year ago
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability
pypi
ethyca-fides
Moderate
over 1 year ago
dbt allows Binding to an Unrestricted IP Address via socketsocket
pypi
dbt-core
Moderate
over 1 year ago
jupyter-scheduler's endpoint is missing authentication
pypi
jupyter-scheduler
Low
over 1 year ago
vantage6 collaboration admins can extend their influence by expanding the collaboration
pypi
vantage6
High
over 1 year ago
NASA AIT-Core uses unencrypted channels to exchange data over the network
pypi
ait-core
Moderate
over 1 year ago
Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files
pypi
gradio
Moderate
over 1 year ago
OMERO.web must check that the JSONP callback is a valid function
pypi
omero-web
Moderate
over 1 year ago
Requests `Session` object does not verify requests after making first request with verify=False
pypi
requests
High
over 1 year ago
litellm passes untrusted data to `eval` function without sanitization
pypi
litellm
Critical
over 1 year ago
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
pypi
consoleme
High
over 1 year ago
RunGptLLM class in LlamaIndex has a command injection
pypi
llama-index-llms-rungpt, llama-index
Moderate
over 1 year ago
Scrapy leaks the authorization header on same-domain but cross-origin redirects
pypi
Scrapy
High
over 1 year ago
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled
pypi
OctoPrint
Moderate
over 1 year ago
Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
pypi
apache-airflow
High
over 1 year ago
Nautobot's BANNER_* configuration can be used to inject arbitrary HTML content into Nautobot pages
pypi
nautobot
Critical
over 1 year ago
llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata
pypi
llama-cpp-python
Critical
over 1 year ago
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
pypi
frigate
Filter by Severity
Filter by Package
tensorflow
433
tensorflow-cpu
409
tensorflow-gpu
394
apache-airflow
89
Django
89
salt
65
ansible
64
apache-superset
61
mlflow
55
Plone
54
django
48
nova
48
vyper
44
gradio
44
matrix-synapse
43
rdiffweb
42
plone
41
picklescan
39
moin
35
keystone
32
vllm
31
opencv-python
31
opencv-contrib-python
31
Pillow
28
pillow
28
open-webui
27
pyload-ng
24
glance
21
ethyca-fides
20
aim
20
neutron
19
langchain
19
transformers
19
cobbler
18
mindsdb
18
mercurial
18
calibreweb
17
notebook
17
cryptography
17
OctoPrint
17
paddlepaddle
16
pgadmin4
16
lollms
16
PaddlePaddle
16
h2o
15
aiohttp
15
urllib3
14
modoboa
14
zenml
14
litellm
14
pyftpdlib
14
mobsf
14
vantage6
14
roundup
13
twisted
12
sentry
12
wagtail
12
swift
12
nautobot
12
horizon
11
onionshare-cli
11
waitress
11
label-studio
11
ckan
11
ai.h2o:h2o-core
11
trytond
10
opencv-python-headless
10
Flask-AppBuilder
10
kiwitcms
9
changedetection.io
9
keras
9
opencv-contrib-python-headless
9
cinder
9
ryu
9
zope
9
agentscope
9
lief
9
llama-index
9
pip
8
Zope
8
copyparty
8
Zope2
8
numpy
8
aubio
8
bentoml
8
trac
8
dbgpt
8
tornado
8
python-keystoneclient
8
indico
8
llama-index-core
8
ipython
8
requests
7
inventree
7
scrapy
7
jupyter-server
7
codechecker
7
executorch
7
web2py
7
matrix-sydent
7
pysaml2
7
graphite-web
6
ansible-core
6
tuf
6
torchserve
6
dtale
6
apache-airflow-providers-apache-hive
6
OpenEXR
6
mage-ai
6
whoogle-search
6
lxml
6
Moin
6
Mezzanine
6
langflow
6
Jinja2
6
yt-dlp
6
snowflake-connector-python
6
torch
6
mailman
6
onnx
5
Weblate
5
pypdf
5
nltk
5
langchain-community
5
oauthenticator
5
grpcio
5
open-webui
5
keylime
5
grpc
5
pretix
5
python-gnupg
5
bleach
5
mitmproxy
5
lmdb
5
esphome
5
saleor
5
jupyterlab
5
werkzeug
5
composio-core
5
fschat
5
omero-web
5
jupyterhub
5
starlette
5
ray
5
feedparser
5
mayan-edms
5
Products.CMFPlone
5
homeassistant
5
ait-core
5
langchain-experimental
5
weblate
5
Werkzeug
5
flask-cors
4
bottle
4
markdown2
4
Pygments
4
llamafactory
4
Flask-Security-Too
4
flask
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
litestar
4
setuptools
4
FreeTAKServer-UI
4
paramiko
4
motioneye
4
PyPDF2
4
streamlit
4
Scrapy
4
bbot
4
pyspark
4
aws-iot-device-sdk-v2
4
xml2rfc
4
skops
4
datasette
4
jinja2
4
tripleo-heat-templates
4
buildbot
4
langchain-core
4
octoprint
4
nvflare
4
Radicale
4
barbican
4
authlib
4
Keystone
4
RestrictedPython
4
reportlab
4
InvokeAI
4
flask-appbuilder
4
qutebrowser
4
python-ldap
4
pywasm3
4
indy-node
4
dbt-core
4
GitPython
4
httpie
4
jwcrypto
4
koji
4
awsiotsdk
4
pandasai
4
Nova
4
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/django/django
121
https://github.com/apache/airflow
105
https://github.com/ansible/ansible
59
https://github.com/python-pillow/Pillow
52
https://github.com/vyperlang/vyper
44
https://github.com/saltstack/salt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/mmaitre314/picklescan
39
https://github.com/gradio-app/gradio
39
https://github.com/openstack/nova
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/mlflow/mlflow
36
https://github.com/opencv/opencv
32
https://github.com/matrix-org/synapse
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/openstack/keystone
28
https://github.com/vllm-project/vllm
25
https://github.com/langchain-ai/langchain
25
https://github.com/run-llama/llama_index
24
https://github.com/pyload/pyload
24
https://github.com/ethyca/fides
20
https://github.com/huggingface/transformers
19
https://github.com/vantage6/vantage6
17
https://github.com/mindsdb/mindsdb
17
https://github.com/pyca/cryptography
16
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/aio-libs/aiohttp
15
https://github.com/cobbler/cobbler
15
https://github.com/apache/superset
14
https://github.com/urllib3/urllib3
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/twisted/twisted
14
https://github.com/janeczku/calibre-web
14
https://github.com/zenml-io/zenml
13
https://github.com/modoboa/modoboa
13
https://github.com/h2oai/h2o-3
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/nautobot/nautobot
12
https://github.com/openstack/glance
12
https://github.com/getsentry/sentry
12
https://github.com/wagtail/wagtail
12
https://github.com/parisneo/lollms
11
https://github.com/open-webui/open-webui
11
https://github.com/Pylons/waitress
11
https://github.com/onionshare/onionshare
11
https://github.com/scrapy/scrapy
11
https://github.com/HumanSignal/label-studio
10
https://github.com/ckan/ckan
10
https://github.com/WeblateOrg/weblate
10
https://github.com/jupyter/notebook
10
https://github.com/lief-project/LIEF
9
https://github.com/element-hq/synapse
9
https://github.com/keras-team/keras
9
https://github.com/BerriAI/litellm
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/zopefoundation/Zope
9
https://github.com/openstack/horizon
9
https://github.com/faucetsdn/ryu
9
https://github.com/aimhubio/aim
9
https://github.com/ipython/ipython
8
https://github.com/tornadoweb/tornado
8
https://github.com/pallets/werkzeug
8
https://github.com/numpy/numpy
8
https://github.com/octoprint/octoprint
8
https://github.com/9001/copyparty
8
https://github.com/openstack/neutron
8
https://github.com/kiwitcms/Kiwi
8
https://github.com/dgtlmoon/changedetection.io
8
https://github.com/jupyter-server/jupyter_server
7
https://github.com/indico/indico
7
https://github.com/py-pdf/pypdf
7
https://github.com/pypa/pip
7
https://github.com/pytorch/executorch
7
https://github.com/aubio/aubio
7
https://github.com/Ericsson/codechecker
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/openstack/cinder
7
https://github.com/openstack/swift
7
https://github.com/pytorch/pytorch
7
https://github.com/pallets/jinja
7
https://github.com/modelscope/agentscope
6
https://github.com/man-group/dtale
6
https://github.com/psf/requests
6
https://github.com/matrix-org/sydent
6
https://github.com/jupyterlab/jupyterlab
6
https://github.com/benbusby/whoogle-search
6
https://github.com/roundup-tracker/roundup
6
https://github.com/lxml/lxml
6
https://github.com/corydolphin/flask-cors
6
https://github.com/snowflakedb/snowflake-connector-python
6
https://github.com/graphite-project/graphite-web
6
https://github.com/keylime/keylime
6
https://github.com/yt-dlp/yt-dlp
6
https://github.com/inventree/InvenTree
5
https://github.com/tryton/trytond
5
https://github.com/onnx/onnx
5
https://github.com/jupyterhub/oauthenticator
5
https://github.com/mitmproxy/mitmproxy
5
https://github.com/esphome/esphome
5
https://github.com/bentoml/BentoML
5
https://github.com/pytorch/serve
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/encode/starlette
5
https://github.com/home-assistant/core
5
https://github.com/ComposioHQ/composio
5
https://github.com/mozilla/bleach
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/hwchase17/langchain
5
https://github.com/ome/omero-web
5
https://github.com/ray-project/ray
5
https://github.com/Exiv2/exiv2
5
https://github.com/django-helpdesk/django-helpdesk
4
https://github.com/Kozea/Radicale
4
https://github.com/python-ldap/python-ldap
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/jupyterhub/jupyterhub
4
https://github.com/hiyouga/LLaMA-Factory
4
https://github.com/web2py/web2py
4
https://github.com/berriai/litellm
4
https://github.com/ietf-tools/xml2rfc
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/jhpyle/docassemble
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/wasm3/wasm3
4
https://github.com/nltk/nltk
4
https://github.com/frappe/frappe
4
https://github.com/mlc-ai/xgrammar
4
https://github.com/latchset/jwcrypto
4
https://github.com/streamlit/streamlit
4
https://github.com/hyperledger/indy-node
4
https://github.com/zopefoundation/RestrictedPython
4
https://github.com/AcademySoftwareFoundation/openexr
4
https://github.com/litestar-org/litestar
4
https://github.com/pypa/setuptools
4
https://github.com/Cog-Creators/Red-DiscordBot
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/eosphoros-ai/DB-GPT
4
https://github.com/blacklanternsecurity/bbot
4
https://github.com/rohe/pysaml2
4
https://github.com/bottlepy/bottle
4
https://github.com/AcademySoftwareFoundation/MaterialX
4
https://github.com/ronf/asyncssh
4
https://github.com/langflow-ai/langflow
4
https://github.com/simonw/datasette
4
https://github.com/pallets/flask
4
https://github.com/saleor/saleor
4
https://github.com/pretix/pretix
4
https://github.com/grpc/grpc
4
https://github.com/dbt-labs/dbt-core
4
https://github.com/jpadilla/pyjwt
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/eventlet/eventlet
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/ankitects/anki
3
https://github.com/gventuri/pandas-ai
3
https://github.com/astral-sh/uv
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/benoitc/gunicorn
3
https://github.com/aws/sagemaker-python-sdk
3
https://github.com/langchain-ai/langgraph
3
https://github.com/Kludex/python-multipart
3
https://github.com/aws/aws-sam-cli
3
https://github.com/furlongm/openvpn-monitor
3
https://github.com/langroid/langroid
3
https://github.com/djblets/djblets
3
https://github.com/mpdavis/python-jose
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/Flask-Middleware/flask-security
3
https://github.com/pyinstaller/pyinstaller
3
https://github.com/dlitz/pycrypto
3
https://github.com/openstack/octavia
3
https://github.com/khoj-ai/khoj
3
https://github.com/openstack/ironic
3
https://github.com/chatchat-space/Langchain-Chatchat
3
https://github.com/Project-MONAI/MONAI
3
https://github.com/adamghill/django-unicorn
3
https://github.com/poezio/slixmpp
3
https://github.com/pyca/pyopenssl
3
https://github.com/ansible/ansible-runner
3
https://github.com/lepture/mistune
3
https://github.com/geyang/ml-logger
3
https://github.com/certifi/python-certifi
3
https://github.com/python/cpython
3
https://github.com/pygments/pygments
3
https://github.com/theupdateframework/tuf
3
https://github.com/sosreport/sos
3
https://github.com/Gerapy/Gerapy
3
https://github.com/micropython/micropython
3
https://github.com/zauberzeug/nicegui
3
https://github.com/trentm/python-markdown2
3
https://github.com/authlib/authlib
3
https://github.com/yaml/pyyaml
3
https://github.com/stephenmcd/mezzanine
3
https://github.com/DavidOsipov/PostQuantum-Feldman-VSS
3
https://github.com/GeoNode/geonode
3