pypi
758,159 packages · pypi.org
Security Advisories in pypi
Critical
almost 3 years ago
GitPython vulnerable to Remote Code Execution due to improper user input validation
pypi
GitPython
Low
almost 3 years ago
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
pypi
guarddog
High
almost 3 years ago
XBlock vulnerable to Cross-Site Scripting (XSS)
pypi
xblock-drag-and-drop-v2
Low
almost 3 years ago
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package
pypi
guarddog
Low
about 3 years ago
Temporary File Information Disclosure vulnerability in MPXJ
pypi, nuget, maven
mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
High
about 3 years ago
OS Command Injection in Apache Airflow
pypi
apache-airflow-providers-apache-hive
Moderate
about 3 years ago
Tensorflow vulnerable to Out-of-Bounds Read
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Low
about 3 years ago
`CHECK` failure in `SobolSample` via missing validation
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Low
about 3 years ago
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Invalid char to bool conversion when printing a tensor
pypi
tensorflow-cpu, tensorflow-gpu, tensorflow
Moderate
about 3 years ago
Heap overflow in `QuantizeAndDequantizeV2`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Segfault in `CompositeTensorVariantToComponents`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`CHECK` fail via inputs in `PyFunc`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Overflow in `ResizeNearestNeighborGrad`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
about 3 years ago
Out of bounds write in grappler in Tensorflow
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
about 3 years ago
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`CHECK` fail via inputs in `SdcaOptimizer`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`FractionalMaxPoolGrad` Heap out of bounds read
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`tf.raw_ops.Mfcc` crashes
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`MirrorPadGrad` heap out of bounds read
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Segfault in `tf.raw_ops.TensorListConcat`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
`CHECK` fail in `BCast` overflow
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Segfault via invalid attributes in `pywrap_tfe_src.cc`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
FPE in `tf.image.generate_bounding_box_proposals`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Overflow in `tf.keras.losses.poisson`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Overflow in `ImageProjectiveTransformV2`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Overflow in `FusedResizeAndPadConv2D`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
Out of bounds segmentation fault due to unequal op inputs in Tensorflow
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
High
about 3 years ago
LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind
pypi
lief
Low
about 3 years ago
Rdiffweb vulnerable to Missing Authentication for Critical Function
pypi
rdiffweb
High
about 3 years ago
Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled
pypi
wsgidav
High
about 3 years ago
Apache Airflow vulnerable to OS Command Injection via example DAGs
pypi
apache-airflow
High
about 3 years ago
Apache Airflow subject to Exposure of Sensitive Information
pypi
apache-airflow
Moderate
about 3 years ago
cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
pypi
cleo
Moderate
about 3 years ago
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
pypi
pymatgen
Moderate
about 3 years ago
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)
pypi
snowflake-connector-python
High
about 3 years ago
Apache Pulsar Disabled Certificate Validation for OAuth Client Credential Requests makes C++/Python Clients vulnerable to MITM attack
pypi
pulsar-client
Moderate
about 3 years ago
OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions
pypi
virtualbmc, sushy-tools
High
about 3 years ago
Keylime: unhandled exceptions could lead to invalid attestation states
pypi
Keylime
High
about 3 years ago
Apache IoTDB subject to ReDOS with Java 8
maven, pypi
org.apache.iotdb:tsfile, org.apache.iotdb:iotdb-server, apache-iotdb, org.apache.iotdb:flink-tsfile-connector
High
about 3 years ago
Improper Control of Generation of Code ('Code Injection') in Azure CLI
pypi
azure-cli
Critical
about 3 years ago
Shinken Solutions Shinken Monitoring vulnerable to Incorrect Access Control
pypi
Shinken
High
about 3 years ago
MobSF allows attackers to read arbitrary files via a crafted HTTP request
pypi
mobsf
High
about 3 years ago
Powerline Gitstatus vulnerable to arbitrary code execution
pypi
powerline-gitstatus
High
about 3 years ago
Poetry vulnerable to Untrusted Search Path leading to Local Code Execution on Windows
pypi
poetry
High
about 3 years ago
Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API
pypi
apache-airflow
High
about 3 years ago
TensorFlow vulnerable to heap out of bounds read in filesystem glob matching
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate
about 3 years ago
rdiffweb allows a new password to be the same as the previous password
pypi
rdiffweb
High
about 3 years ago
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
pypi
rdiffweb
High
about 3 years ago
Heartex - Label Studio Community Edition vulnerable to SSRF in the Data Import module
pypi
label-studio
High
about 3 years ago
rdiffweb's lack of token name length limit can result in DoS or memory corruption
pypi
rdiffweb
Moderate
about 3 years ago
LIEF vulnerable to denial of service through segmentation fault
pypi
lief
Filter by Severity
Filter by Package
tensorflow
433
tensorflow-cpu
410
tensorflow-gpu
397
apache-airflow
89
Django
89
salt
65
ansible
64
apache-superset
61
mlflow
55
Plone
54
django
48
nova
48
gradio
44
vyper
44
matrix-synapse
43
rdiffweb
42
plone
41
picklescan
39
moin
35
keystone
32
vllm
31
opencv-python
31
opencv-contrib-python
30
pillow
28
Pillow
28
open-webui
27
pyload-ng
24
glance
21
ethyca-fides
20
aim
20
langchain
19
neutron
19
transformers
19
mindsdb
18
mercurial
18
cobbler
18
OctoPrint
17
calibreweb
17
notebook
17
cryptography
17
paddlepaddle
16
lollms
16
pgadmin4
16
PaddlePaddle
16
h2o
15
aiohttp
15
pyftpdlib
14
vantage6
14
modoboa
14
mobsf
14
urllib3
14
zenml
14
litellm
14
roundup
13
swift
12
sentry
12
nautobot
12
twisted
12
wagtail
12
waitress
11
horizon
11
onionshare-cli
11
label-studio
11
ckan
11
ai.h2o:h2o-core
11
opencv-python-headless
10
Flask-AppBuilder
10
trytond
10
ryu
9
kiwitcms
9
lief
9
keras
9
agentscope
9
cinder
9
opencv-contrib-python-headless
9
llama-index
9
zope
9
changedetection.io
9
indico
8
aubio
8
Zope2
8
pip
8
trac
8
llama-index-core
8
numpy
8
Zope
8
ipython
8
python-keystoneclient
8
bentoml
8
copyparty
8
tornado
8
dbgpt
8
pysaml2
7
web2py
7
requests
7
matrix-sydent
7
executorch
7
scrapy
7
codechecker
7
jupyter-server
7
inventree
7
whoogle-search
6
torchserve
6
lxml
6
apache-airflow-providers-apache-hive
6
pypdf
6
ansible-core
6
graphite-web
6
snowflake-connector-python
6
dtale
6
Jinja2
6
langflow
6
keylime
6
tuf
6
Mezzanine
6
Moin
6
omero-web
6
torch
6
yt-dlp
6
OpenEXR
6
mailman
6
ray
6
mage-ai
6
langchain-community
5
grpc
5
onnx
5
open-webui
5
pretix
5
esphome
5
lmdb
5
feedparser
5
grpcio
5
ait-core
5
nltk
5
starlette
5
python-gnupg
5
saleor
5
mayan-edms
5
Products.CMFPlone
5
jupyterhub
5
Weblate
5
jupyterlab
5
weblate
5
bleach
5
composio-core
5
werkzeug
5
fschat
5
mitmproxy
5
homeassistant
5
langchain-experimental
5
Werkzeug
5
oauthenticator
5
xml2rfc
4
buildbot
4
datasette
4
dbt-core
4
llamafactory
4
octoprint
4
httpie
4
flask
4
jwcrypto
4
tripleo-heat-templates
4
authlib
4
Scrapy
4
MaterialX
4
Flask-Security-Too
4
awsiotsdk
4
markdown2
4
bbot
4
GitPython
4
pywasm3
4
FreeTAKServer-UI
4
pyspark
4
Radicale
4
langchain-core
4
barbican
4
indy-node
4
Pygments
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
PyPDF2
4
Keystone
4
pandasai
4
jinja2
4
pytorch-lightning
4
streamlit
4
flask-appbuilder
4
frappe
4
koji
4
clearml
4
flask-cors
4
qutebrowser
4
litestar
4
RestrictedPython
4
python-ldap
4
skops
4
motioneye
4
bottle
4
reportlab
4
django-helpdesk
4
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/django/django
121
https://github.com/apache/airflow
105
https://github.com/ansible/ansible
59
https://github.com/python-pillow/Pillow
52
https://github.com/vyperlang/vyper
44
https://github.com/saltstack/salt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/mmaitre314/picklescan
39
https://github.com/gradio-app/gradio
39
https://github.com/openstack/nova
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/mlflow/mlflow
36
https://github.com/opencv/opencv
32
https://github.com/matrix-org/synapse
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/openstack/keystone
28
https://github.com/vllm-project/vllm
25
https://github.com/langchain-ai/langchain
25
https://github.com/run-llama/llama_index
24
https://github.com/pyload/pyload
24
https://github.com/ethyca/fides
20
https://github.com/huggingface/transformers
19
https://github.com/vantage6/vantage6
17
https://github.com/mindsdb/mindsdb
17
https://github.com/pyca/cryptography
16
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/aio-libs/aiohttp
15
https://github.com/cobbler/cobbler
15
https://github.com/apache/superset
14
https://github.com/urllib3/urllib3
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/twisted/twisted
14
https://github.com/janeczku/calibre-web
14
https://github.com/zenml-io/zenml
13
https://github.com/modoboa/modoboa
13
https://github.com/h2oai/h2o-3
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/nautobot/nautobot
12
https://github.com/openstack/glance
12
https://github.com/getsentry/sentry
12
https://github.com/wagtail/wagtail
12
https://github.com/parisneo/lollms
11
https://github.com/open-webui/open-webui
11
https://github.com/Pylons/waitress
11
https://github.com/onionshare/onionshare
11
https://github.com/scrapy/scrapy
11
https://github.com/HumanSignal/label-studio
10
https://github.com/ckan/ckan
10
https://github.com/WeblateOrg/weblate
10
https://github.com/jupyter/notebook
10
https://github.com/lief-project/LIEF
9
https://github.com/element-hq/synapse
9
https://github.com/keras-team/keras
9
https://github.com/BerriAI/litellm
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/zopefoundation/Zope
9
https://github.com/openstack/horizon
9
https://github.com/faucetsdn/ryu
9
https://github.com/aimhubio/aim
9
https://github.com/ipython/ipython
8
https://github.com/tornadoweb/tornado
8
https://github.com/pallets/werkzeug
8
https://github.com/numpy/numpy
8
https://github.com/octoprint/octoprint
8
https://github.com/9001/copyparty
8
https://github.com/openstack/neutron
8
https://github.com/kiwitcms/Kiwi
8
https://github.com/dgtlmoon/changedetection.io
8
https://github.com/jupyter-server/jupyter_server
7
https://github.com/indico/indico
7
https://github.com/py-pdf/pypdf
7
https://github.com/pypa/pip
7
https://github.com/pytorch/executorch
7
https://github.com/aubio/aubio
7
https://github.com/Ericsson/codechecker
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/openstack/cinder
7
https://github.com/openstack/swift
7
https://github.com/pytorch/pytorch
7
https://github.com/pallets/jinja
7
https://github.com/modelscope/agentscope
6
https://github.com/man-group/dtale
6
https://github.com/psf/requests
6
https://github.com/matrix-org/sydent
6
https://github.com/jupyterlab/jupyterlab
6
https://github.com/benbusby/whoogle-search
6
https://github.com/roundup-tracker/roundup
6
https://github.com/lxml/lxml
6
https://github.com/corydolphin/flask-cors
6
https://github.com/snowflakedb/snowflake-connector-python
6
https://github.com/graphite-project/graphite-web
6
https://github.com/keylime/keylime
6
https://github.com/yt-dlp/yt-dlp
6
https://github.com/inventree/InvenTree
5
https://github.com/tryton/trytond
5
https://github.com/onnx/onnx
5
https://github.com/jupyterhub/oauthenticator
5
https://github.com/mitmproxy/mitmproxy
5
https://github.com/esphome/esphome
5
https://github.com/bentoml/BentoML
5
https://github.com/pytorch/serve
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/encode/starlette
5
https://github.com/home-assistant/core
5
https://github.com/ComposioHQ/composio
5
https://github.com/mozilla/bleach
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/hwchase17/langchain
5
https://github.com/ome/omero-web
5
https://github.com/ray-project/ray
5
https://github.com/Exiv2/exiv2
5
https://github.com/django-helpdesk/django-helpdesk
4
https://github.com/python-ldap/python-ldap
4
https://github.com/Kozea/Radicale
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/jupyterhub/jupyterhub
4
https://github.com/hiyouga/LLaMA-Factory
4
https://github.com/web2py/web2py
4
https://github.com/berriai/litellm
4
https://github.com/ietf-tools/xml2rfc
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/jhpyle/docassemble
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/wasm3/wasm3
4
https://github.com/nltk/nltk
4
https://github.com/frappe/frappe
4
https://github.com/mlc-ai/xgrammar
4
https://github.com/latchset/jwcrypto
4
https://github.com/streamlit/streamlit
4
https://github.com/hyperledger/indy-node
4
https://github.com/AcademySoftwareFoundation/openexr
4
https://github.com/zopefoundation/RestrictedPython
4
https://github.com/litestar-org/litestar
4
https://github.com/pypa/setuptools
4
https://github.com/Cog-Creators/Red-DiscordBot
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/eosphoros-ai/DB-GPT
4
https://github.com/blacklanternsecurity/bbot
4
https://github.com/rohe/pysaml2
4
https://github.com/ronf/asyncssh
4
https://github.com/AcademySoftwareFoundation/MaterialX
4
https://github.com/bottlepy/bottle
4
https://github.com/simonw/datasette
4
https://github.com/langflow-ai/langflow
4
https://github.com/pallets/flask
4
https://github.com/saleor/saleor
4
https://github.com/pretix/pretix
4
https://github.com/grpc/grpc
4
https://github.com/dbt-labs/dbt-core
4
https://github.com/jpadilla/pyjwt
3
https://github.com/eventlet/eventlet
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/ankitects/anki
3
https://github.com/astral-sh/uv
3
https://github.com/gventuri/pandas-ai
3
https://github.com/aws/sagemaker-python-sdk
3
https://github.com/benoitc/gunicorn
3
https://github.com/langchain-ai/langgraph
3
https://github.com/aws/aws-sam-cli
3
https://github.com/Kludex/python-multipart
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/furlongm/openvpn-monitor
3
https://github.com/langroid/langroid
3
https://github.com/djblets/djblets
3
https://github.com/mpdavis/python-jose
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/Flask-Middleware/flask-security
3
https://github.com/pyinstaller/pyinstaller
3
https://github.com/dlitz/pycrypto
3
https://github.com/openstack/octavia
3
https://github.com/khoj-ai/khoj
3
https://github.com/openstack/ironic
3
https://github.com/chatchat-space/Langchain-Chatchat
3
https://github.com/Project-MONAI/MONAI
3
https://github.com/pyca/pyopenssl
3
https://github.com/poezio/slixmpp
3
https://github.com/adamghill/django-unicorn
3
https://github.com/ansible/ansible-runner
3
https://github.com/lepture/mistune
3
https://github.com/geyang/ml-logger
3
https://github.com/python/cpython
3
https://github.com/certifi/python-certifi
3
https://github.com/pygments/pygments
3
https://github.com/rochacbruno/quokka
3
https://github.com/skops-dev/skops
3
https://github.com/beancount/fava
3
https://github.com/modelscope/ms-swift
3
https://github.com/trentm/python-markdown2
3
https://github.com/authlib/authlib
3
https://github.com/micropython/micropython
3
https://github.com/DavidOsipov/PostQuantum-Feldman-VSS
3
https://github.com/bytecodealliance/wasmtime
3
https://github.com/theupdateframework/tuf
3
https://github.com/sosreport/sos
3