pypi
758,159 packages · pypi.org
Security Advisories in pypi
Moderate
over 2 years ago
kiwitcms vulnerable to stored XSS via unrestricted files upload
pypi
kiwitcms
High
over 2 years ago
Any file can be included with the pymdown-snippets extension
pypi
pymdown-extensions
High
over 2 years ago
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment
pypi
vyper
High
over 2 years ago
Vyper vulnerable to incorrect ordering of arguments for kwargs passed to internal calls
pypi
vyper
Moderate
over 2 years ago
in-toto vulnerable to Configuration Read From Local Directory
pypi
in-toto
Critical
over 2 years ago
Apache Airflow vulnerable to Privilege Context Switching Error
pypi
apache-airflow
Moderate
over 2 years ago
Apache Airflow vulnerable to stored Cross-site Scripting
pypi
apache-airflow
Critical
over 2 years ago
Django bypasses validation when using one form field to upload multiple files
pypi
Django
High
over 2 years ago
Apache Spark UI vulnerable to Command Injection
pypi, maven
pyspark, org.apache.spark:spark-parent_2.12
High
over 2 years ago
Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header
pypi
flask
Critical
over 2 years ago
Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIs
pypi
mlflow
Low
over 2 years ago
kiwi TCMS has possibility for user to update email address to unverified one
pypi
kiwitcms
Moderate
over 2 years ago
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service
pypi
sqlparse
Critical
over 2 years ago
Apache IoTDB Grafana Connector vulnerable to Improper Authentication
pypi, maven
apache-iotdb, org.apache.iotdb:iotdb-grafana-connector
Moderate
over 2 years ago
Improper Restriction of Excessive Authentication Attempts in calibreweb
pypi
calibreweb
Moderate
over 2 years ago
Allegro Tech BigFlow vulnerable to Missing SSL Certificate Validation
pypi
bigflow
High
over 2 years ago
Apache Airflow Drill Provider vulnerable to improper input validation
pypi
apache-airflow-providers-apache-drill
Critical
over 2 years ago
Apache Airflow Hive Provider vulnerable to code injection
pypi
apache-airflow-providers-apache-hive
High
over 2 years ago
Apache Airflow Spark Provider vulnerable to improper input validation
pypi
apache-airflow-providers-apache-spark
Moderate
over 2 years ago
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
pypi
wagtail
High
over 2 years ago
Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views
pypi
wagtail
Low
over 2 years ago
configobj ReDoS exploitable by developer using values in a server-side configuration file
pypi
configobj
High
over 2 years ago
mindsdb arbitrary file write when extracting a remotely retrieved Tarball
pypi
mindsdb
Moderate
over 2 years ago
Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
pypi
mindsdb
Critical
over 2 years ago
Use of hard-coded, security-relevant constants in deepset-ai/haystack
pypi
farm-haystack
Moderate
over 2 years ago
TensorFlow Denial of Service vulnerability
pypi
tensorflow-cpu, tensorflow
High
over 2 years ago
Nginx alias path traversal allows unauthenticated attackers to read all files on /label_studio/core/
pypi
label-studio
Moderate
over 2 years ago
Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
pypi
mlflow
Critical
over 2 years ago
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs
pypi
mlflow
High
over 2 years ago
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow vulnerable to integer overflow in EditDistance
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Null Pointer Error in TensorArrayConcatV2
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Heap-buffer-overflow in AvgPoolGrad
pypi
tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Null Pointer Error in SparseSparseMaximum
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Floating Point Exception in AudioSpectrogram
pypi
tensorflow-cpu, tensorflow
Moderate
over 2 years ago
TensorFlow vulnerable to segfault when opening multiframe gif
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Critical
over 2 years ago
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has segmentation fault in tfg-translate
pypi
tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Null Pointer Error in LookupTableImportV2
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Floating Point Exception in TensorListSplit with XLA
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Segfault in Bincount with XLA
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has null dereference on ParallelConcat with XLA
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has double free in Fractional(Max/Avg)Pool
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow has Floating Point Exception in TFLite in conv kernel
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
over 2 years ago
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
over 2 years ago
tripleo-ansible may disclose important configuration details from an OpenStack deployment
pypi
tripleo-ansible
Moderate
over 2 years ago
tripleo-ansible may disclose important configuration details from an OpenStack deployment
pypi
tripleo-ansible
High
over 2 years ago
Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True`
pypi
sentry-sdk
High
over 2 years ago
CairoSVG improperly processes SVG files loaded from external resources
pypi
CairoSVG
Moderate
over 2 years ago
Streamlit publishes previously-patched Cross-site Scripting vulnerability
pypi
streamlit
Moderate
over 2 years ago
Sensitive Information in Error Messages in Apache Airflow
pypi
apache-airflow
Low
over 2 years ago
OpenStack Glance Inclusion of Functionality from Untrusted Control Sphere vulnerability
pypi
glance
Moderate
over 2 years ago
Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
pypi
Saleor
Low
over 2 years ago
Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions
pypi
saleor
Filter by Severity
Filter by Package
tensorflow
433
tensorflow-cpu
410
tensorflow-gpu
397
Django
89
apache-airflow
89
salt
65
ansible
64
apache-superset
61
Plone
55
mlflow
55
nova
48
django
48
gradio
44
vyper
44
matrix-synapse
43
rdiffweb
42
plone
41
picklescan
39
moin
35
keystone
32
vllm
31
opencv-python
30
opencv-contrib-python
29
Pillow
28
pillow
28
open-webui
27
pyload-ng
24
glance
21
aim
20
ethyca-fides
20
transformers
19
neutron
19
langchain
19
cobbler
18
mercurial
18
mindsdb
18
cryptography
17
notebook
17
OctoPrint
17
calibreweb
17
lollms
16
PaddlePaddle
16
paddlepaddle
16
pgadmin4
16
aiohttp
15
h2o
15
vantage6
14
modoboa
14
litellm
14
mobsf
14
pyftpdlib
14
zenml
14
urllib3
14
roundup
13
swift
12
nautobot
12
sentry
12
wagtail
12
twisted
12
onionshare-cli
11
waitress
11
ai.h2o:h2o-core
11
ckan
11
horizon
11
label-studio
11
trytond
10
Flask-AppBuilder
10
opencv-contrib-python-headless
10
changedetection.io
9
ryu
9
kiwitcms
9
zope
9
cinder
9
keras
9
lief
9
agentscope
9
opencv-python-headless
9
llama-index
9
indico
8
ipython
8
bentoml
8
Zope
8
dbgpt
8
python-keystoneclient
8
pyspark
8
Zope2
8
tornado
8
aubio
8
trac
8
numpy
8
llama-index-core
8
copyparty
8
pip
8
codechecker
7
pysaml2
7
jupyter-server
7
scrapy
7
executorch
7
matrix-sydent
7
inventree
7
requests
7
web2py
7
torch
6
yt-dlp
6
Jinja2
6
dtale
6
whoogle-search
6
langflow
6
apache-airflow-providers-apache-hive
6
snowflake-connector-python
6
ray
6
OpenEXR
6
torchserve
6
omero-web
6
lxml
6
mailman
6
graphite-web
6
mage-ai
6
Moin
6
ansible-core
6
Mezzanine
6
tuf
6
pypdf
6
keylime
6
bleach
5
grpc
5
onnx
5
open-webui
5
esphome
5
pretix
5
starlette
5
lmdb
5
feedparser
5
ait-core
5
jupyterhub
5
nltk
5
mayan-edms
5
saleor
5
python-gnupg
5
grpcio
5
Weblate
5
weblate
5
jupyterlab
5
fschat
5
werkzeug
5
composio-core
5
mitmproxy
5
homeassistant
5
langchain-experimental
5
langchain-community
5
Werkzeug
5
oauthenticator
5
jwcrypto
4
octoprint
4
flask
4
llamafactory
4
pywasm3
4
xml2rfc
4
tripleo-heat-templates
4
datasette
4
Scrapy
4
authlib
4
awsiotsdk
4
markdown2
4
MaterialX
4
Products.CMFPlone
4
GitPython
4
FreeTAKServer-UI
4
paramiko
4
bbot
4
Flask-Security-Too
4
indy-node
4
aws-iot-device-sdk-v2
4
langchain-core
4
Keystone
4
barbican
4
Radicale
4
Pygments
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
jinja2
4
PyPDF2
4
flask-appbuilder
4
pytorch-lightning
4
pandasai
4
streamlit
4
koji
4
flask-cors
4
django-helpdesk
4
litestar
4
clearml
4
qutebrowser
4
wasmtime
4
motioneye
4
reportlab
4
frappe
4
httpie
4
python-ldap
4
skops
4
InvokeAI
4
bottle
4
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/django/django
121
https://github.com/apache/airflow
105
https://github.com/ansible/ansible
59
https://github.com/python-pillow/Pillow
52
https://github.com/vyperlang/vyper
44
https://github.com/saltstack/salt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/gradio-app/gradio
39
https://github.com/mmaitre314/picklescan
39
https://github.com/openstack/nova
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/mlflow/mlflow
36
https://github.com/opencv/opencv
32
https://github.com/matrix-org/synapse
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/openstack/keystone
28
https://github.com/langchain-ai/langchain
25
https://github.com/vllm-project/vllm
25
https://github.com/pyload/pyload
24
https://github.com/run-llama/llama_index
24
https://github.com/ethyca/fides
20
https://github.com/huggingface/transformers
19
https://github.com/mindsdb/mindsdb
17
https://github.com/vantage6/vantage6
17
https://github.com/pyca/cryptography
16
https://github.com/aio-libs/aiohttp
15
https://github.com/cobbler/cobbler
15
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/apache/superset
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/urllib3/urllib3
14
https://github.com/janeczku/calibre-web
14
https://github.com/twisted/twisted
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/modoboa/modoboa
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/zenml-io/zenml
13
https://github.com/h2oai/h2o-3
13
https://github.com/openstack/glance
12
https://github.com/wagtail/wagtail
12
https://github.com/getsentry/sentry
12
https://github.com/nautobot/nautobot
12
https://github.com/parisneo/lollms
11
https://github.com/scrapy/scrapy
11
https://github.com/Pylons/waitress
11
https://github.com/onionshare/onionshare
11
https://github.com/open-webui/open-webui
11
https://github.com/ckan/ckan
10
https://github.com/jupyter/notebook
10
https://github.com/HumanSignal/label-studio
10
https://github.com/WeblateOrg/weblate
10
https://github.com/zopefoundation/Zope
9
https://github.com/keras-team/keras
9
https://github.com/BerriAI/litellm
9
https://github.com/aimhubio/aim
9
https://github.com/openstack/horizon
9
https://github.com/element-hq/synapse
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/faucetsdn/ryu
9
https://github.com/lief-project/LIEF
9
https://github.com/ipython/ipython
8
https://github.com/tornadoweb/tornado
8
https://github.com/numpy/numpy
8
https://github.com/dgtlmoon/changedetection.io
8
https://github.com/pallets/werkzeug
8
https://github.com/kiwitcms/Kiwi
8
https://github.com/9001/copyparty
8
https://github.com/openstack/neutron
8
https://github.com/octoprint/octoprint
8
https://github.com/Ericsson/codechecker
7
https://github.com/openstack/swift
7
https://github.com/pypa/pip
7
https://github.com/jupyter-server/jupyter_server
7
https://github.com/py-pdf/pypdf
7
https://github.com/openstack/cinder
7
https://github.com/indico/indico
7
https://github.com/aubio/aubio
7
https://github.com/pytorch/pytorch
7
https://github.com/pytorch/executorch
7
https://github.com/pallets/jinja
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/benbusby/whoogle-search
6
https://github.com/corydolphin/flask-cors
6
https://github.com/snowflakedb/snowflake-connector-python
6
https://github.com/man-group/dtale
6
https://github.com/graphite-project/graphite-web
6
https://github.com/keylime/keylime
6
https://github.com/matrix-org/sydent
6
https://github.com/roundup-tracker/roundup
6
https://github.com/yt-dlp/yt-dlp
6
https://github.com/modelscope/agentscope
6
https://github.com/jupyterlab/jupyterlab
6
https://github.com/lxml/lxml
6
https://github.com/psf/requests
6
https://github.com/mitmproxy/mitmproxy
5
https://github.com/onnx/onnx
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/ComposioHQ/composio
5
https://github.com/tryton/trytond
5
https://github.com/esphome/esphome
5
https://github.com/pytorch/serve
5
https://github.com/bentoml/BentoML
5
https://github.com/encode/starlette
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/Exiv2/exiv2
5
https://github.com/jupyterhub/oauthenticator
5
https://github.com/home-assistant/core
5
https://github.com/ray-project/ray
5
https://github.com/mozilla/bleach
5
https://github.com/ome/omero-web
5
https://github.com/inventree/InvenTree
5
https://github.com/hwchase17/langchain
5
https://github.com/eosphoros-ai/DB-GPT
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/blacklanternsecurity/bbot
4
https://github.com/hiyouga/LLaMA-Factory
4
https://github.com/grpc/grpc
4
https://github.com/zopefoundation/RestrictedPython
4
https://github.com/berriai/litellm
4
https://github.com/ietf-tools/xml2rfc
4
https://github.com/jhpyle/docassemble
4
https://github.com/Kozea/Radicale
4
https://github.com/dbt-labs/dbt-core
4
https://github.com/web2py/web2py
4
https://github.com/frappe/frappe
4
https://github.com/bottlepy/bottle
4
https://github.com/latchset/jwcrypto
4
https://github.com/hyperledger/indy-node
4
https://github.com/Cog-Creators/Red-DiscordBot
4
https://github.com/AcademySoftwareFoundation/openexr
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/bytecodealliance/wasmtime
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/saleor/saleor
4
https://github.com/langflow-ai/langflow
4
https://github.com/pypa/setuptools
4
https://github.com/nltk/nltk
4
https://github.com/streamlit/streamlit
4
https://github.com/mlc-ai/xgrammar
4
https://github.com/litestar-org/litestar
4
https://github.com/AcademySoftwareFoundation/MaterialX
4
https://github.com/pretix/pretix
4
https://github.com/rohe/pysaml2
4
https://github.com/ronf/asyncssh
4
https://github.com/pallets/flask
4
https://github.com/simonw/datasette
4
https://github.com/wasm3/wasm3
4
https://github.com/django-helpdesk/django-helpdesk
4
https://github.com/jupyterhub/jupyterhub
4
https://github.com/python-ldap/python-ldap
4
https://github.com/pyinstaller/pyinstaller
3
https://github.com/gventuri/pandas-ai
3
https://github.com/dlitz/pycrypto
3
https://github.com/zauberzeug/nicegui
3
https://github.com/theupdateframework/tuf
3
https://github.com/openstack/octavia
3
https://github.com/adamghill/django-unicorn
3
https://github.com/NASA-AMMOS/AIT-Core
3
https://github.com/pyca/pyopenssl
3
https://github.com/certifi/python-certifi
3
https://github.com/sqlalchemy/sqlalchemy
3
https://github.com/pygments/pygments
3
https://github.com/aws/aws-sam-cli
3
https://github.com/micropython/micropython
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/stephenmcd/mezzanine
3
https://github.com/skops-dev/skops
3
https://github.com/paramiko/paramiko
3
https://github.com/aws/sagemaker-python-sdk
3
https://github.com/Gerapy/Gerapy
3
https://github.com/chatchat-space/Langchain-Chatchat
3
https://github.com/astral-sh/uv
3
https://github.com/modelscope/ms-swift
3
https://github.com/ankitects/anki
3
https://github.com/beancount/fava
3
https://github.com/sosreport/sos
3
https://github.com/langroid/langroid
3
https://github.com/benoitc/gunicorn
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/eventlet/eventlet
3
https://github.com/geyang/ml-logger
3
https://github.com/lepture/mistune
3
https://github.com/rochacbruno/quokka
3
https://github.com/khoj-ai/khoj
3
https://github.com/python/cpython
3
https://github.com/openstack/ironic
3
https://github.com/Project-MONAI/MONAI
3
https://github.com/poezio/slixmpp
3
https://github.com/ansible/ansible-runner
3
https://github.com/Flask-Middleware/flask-security
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/jlowin/fastmcp
3
https://github.com/github/securitylab
3
https://github.com/invoke-ai/InvokeAI
3
https://github.com/langchain-ai/langgraph
3
https://github.com/jpadilla/pyjwt
3