pypi
735,275 packages · pypi.org
High Security Advisories in pypi Clear Filters
High
7 months ago
AgentScope arbitrary file download vulnerability in rpc_agent_client
pypi
agentscope
High
7 months ago
Open WebUI denial of service through endpoint for converting markdown
pypi
open-webui
High
7 months ago
H2O Vulnerable to Denial of Service (DoS) via `HEAD` Request
maven, pypi
ai.h2o:h2o-core, h2o
High
7 months ago
Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions
pypi
open-webui
High
7 months ago
Aim allows denial of service due to no timeouts for some tracking server endpoints
pypi
aim
High
7 months ago
Open WebUI lacks authentication for the `api/v1/utils/pdf` endpoint
pypi
open-webui
High
7 months ago
H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint
maven, pypi
ai.h2o:h2o-core, h2o
High
7 months ago
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file
pypi
open-webui
High
7 months ago
H2O Vulnerable to Denial of Service (DoS) via Large GZIP Parsing
maven, pypi
ai.h2o:h2o-core, h2o
High
7 months ago
H2O Vulnerable to Arbitrary File Overwrite via File Export
maven, pypi
ai.h2o:h2o-core, h2o
High
7 months ago
LlamaIndex vulnerable to Creation of Temporary File in Directory with Insecure Permissions
pypi
llama-index
High
7 months ago
LlamaIndex Improper Handling of Exceptional Conditions vulnerability
pypi
llama_index
High
7 months ago
InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload`
pypi
InvokeAI
High
7 months ago
H2O Vulnerable to Denial of Service (DoS) and File Write
maven, pypi
ai.h2o:h2o-ext-xgboost, h2o
High
7 months ago
H2O Vulnerable to Denial of Service (DoS) via `/3/Parse` Endpoint
maven, pypi
ai.h2o:h2o-core, h2o
High
7 months ago
H2O Vulnerable to Denial of Service (DoS) via `/3/ParseSetup` Endpoint
maven, pypi
ai.h2o:h2o-core, h2o
High
7 months ago
PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash
pypi
PostQuantum-Feldman-VSS
High
7 months ago
dmlc/dgl Vulnerable to Remote Code Execution by Pickle Deserialization via rpc.recv_request()
pypi
dgl
High
7 months ago
Spotipy's cache file, containing spotify auth token, is created with overly broad permissions
pypi
spotipy
High
7 months ago
Malciously crafted QPY files can allows Remote Attackers to Cause Denial of Service in Qiskit
pypi
qiskit-terra, qiskit
High
8 months ago
Home Assistant does not correctly validate SSL for outgoing requests in core and used libs
pypi
homeassistant
High
8 months ago
Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint
pypi
label-studio
High
8 months ago
Label Studio has a Path Traversal Vulnerability via image Field
pypi
label-studio-sdk
High
8 months ago
CKAN has an XSS vector in user uploaded images in group/org and user profiles
pypi
ckan
High
8 months ago
snowflake-connector-python vulnerable to SQL Injection in write_pandas
pypi
snowflake-connector-python
High
8 months ago
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
pypi
asteval
High
8 months ago
ASTEVAL Allows Malicious Tampering of Exposed AST Nodes Leads to Sandbox Escape
pypi
asteval
High
8 months ago
try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter
pypi
RestrictedPython
High
8 months ago
sniff_csv provides filesystem access even when enable_external_access is disabled in duckdb
pypi
duckdb
High
9 months ago
nbgrader's `frame-ancestors: self` grants all users access to formgrader
pypi
nbgrader
High
9 months ago
changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal
pypi
changedetection.io
High
9 months ago
Amazon Redshift Python Connector vulnerable to SQL Injection
pypi
redshift_connector
High
10 months ago
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
pypi
pyrage
High
10 months ago
Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access
pypi
apache-superset
High
10 months ago
Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled
pypi
apache-superset
High
10 months ago
Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
pypi
matrix-synapse
High
10 months ago
Synapse allows a a malformed invite to break the invitee's `/sync`
pypi
matrix-synapse
High
10 months ago
Synapse allows unsupported content types to lead to memory exhaustion
pypi
matrix-synapse
High
10 months ago
Synapse denial of service through media disk space consumption
pypi
matrix-synapse
High
10 months ago
Denial of service (DoS) via deformation `multipart/form-data` boundary
pypi
python-multipart
High
10 months ago
MLflow's excessive directory permissions allow local privilege escalation
pypi
mlflow
High
10 months ago
virtualenv allows command injection through activation scripts for a virtual environment
pypi
virtualenv
Filter by Severity
Filter by Package
tensorflow
121
tensorflow-cpu
110
tensorflow-gpu
109
Django
38
mlflow
30
apache-airflow
29
salt
29
Plone
28
ansible
24
opencv-python
22
opencv-contrib-python
21
django
20
matrix-synapse
20
Pillow
18
pillow
18
gradio
17
rdiffweb
17
keystone
15
open-webui
15
vyper
14
mindsdb
13
apache-superset
13
nova
10
mercurial
9
neutron
9
cobbler
9
aim
9
litellm
9
lollms
9
h2o
9
moin
8
cryptography
8
plone
8
pyload-ng
8
ryu
7
opencv-contrib-python-headless
7
ai.h2o:h2o-core
7
trytond
6
mobsf
6
sentry
6
vllm
6
nautobot
6
aubio
6
opencv-python-headless
6
label-studio
6
kiwitcms
6
ethyca-fides
6
pyftpdlib
5
zope
5
paddlepaddle
5
notebook
5
glance
5
Zope2
5
waitress
5
agentscope
5
OctoPrint
5
pgadmin4
5
nltk
5
grpc
4
scrapy
4
onnx
4
fschat
4
swift
4
inventree
4
setuptools
4
calibreweb
4
grpcio
4
python-gnupg
4
pip
4
oauthenticator
4
vantage6
4
Zope
4
pyspark
4
RestrictedPython
4
numpy
4
transformers
4
skops
4
lief
4
tornado
4
urllib3
4
keras
4
esphome
4
wagtail
4
plone.app.theming
3
motioneye
3
sanic
3
yt-dlp
3
plone.supermodel
3
langchain
3
Moin
3
llama-index
3
modoboa
3
changedetection.io
3
flask
3
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
3
apache-airflow-providers-apache-spark
3
keyring
3
langflow
3
ydata-profiling
3
paramiko
3
langchain-community
3
cinder
3
ipython
3
keystonemiddleware
3
llama-index-core
3
awsiotsdk
3
plone.app.event
3
aws-iot-device-sdk-v2
3
indy-node
3
Jinja2
3
plone.app.dexterity
3
monai
3
gunicorn
3
open-webui
3
dbgpt
3
django-helpdesk
3
trac
3
protobuf
3
pretix
3
PaddlePaddle
3
lemur
2
Flask-Cors
2
pytorch-lightning
2
feedparser
2
snowflake-connector-python
2
jupyterhub
2
werkzeug
2
websockets
2
uWSGI
2
markdown-it-py
2
jupyter-server
2
mailman
2
starlite
2
mcp
2
langroid
2
python-multipart
2
ecdsa
2
copyparty
2
homeassistant
2
jupyterlab
2
asteval
2
clearml
2
mysql-connector-python
2
portage
2
matrix-sydent
2
aiohttp
2
rpyc
2
mistral
2
apache-airflow-providers-apache-drill
2
onionshare-cli
2
future
2
guardrails-ai
2
litestar
2
Weblate
2
apache-airflow-providers-apache-hive
2
pycryptodome
2
prefect
2
FreeTAKServer
2
uvicorn
2
flaskcode
2
llamafactory
2
Flask-AppBuilder
2
mesop
2
pyinstaller
2
keylime
2
pyo
2
fastecdsa
2
pyjwt
2
admesh
2
openvpn-monitor
2
ckan
2
Werkzeug
2
torch
2
org.apache.spark:spark-parent_2.12
2
bentoml
2
tlslite-ng
2
io.grpc:grpc-protobuf
2
lmdb
2
InvokeAI
2
zenml
2
pypqc
2
cherrypy
2
typed-ast
2
CairoSVG
2
Pygments
2
twisted
2
qutebrowser
2
sagemaker
2
nicegui
2
httpie
2
authlib
2
asyncua
2
pysaml2
2
tripleo-heat-templates
2
rsa
2
webargs
2
indico
2
bottle
2
refuel-autolabel
2
ebookmeta
2
Filter by Repository
https://github.com/tensorflow/tensorflow
122
https://github.com/django/django
51
https://github.com/apache/airflow
39
https://github.com/python-pillow/Pillow
35
https://github.com/opencv/opencv
25
https://github.com/ansible/ansible
19
https://github.com/ikus060/rdiffweb
17
https://github.com/plone/Products.CMFPlone
16
https://github.com/gradio-app/gradio
16
https://github.com/mlflow/mlflow
15
https://github.com/vyperlang/vyper
14
https://github.com/openstack/keystone
14
https://github.com/matrix-org/synapse
13
https://github.com/mindsdb/mindsdb
13
https://github.com/saltstack/salt
13
https://github.com/run-llama/llama_index
10
https://github.com/openstack/nova
9
https://github.com/PaddlePaddle/Paddle
8
https://github.com/h2oai/h2o-3
8
https://github.com/pyca/cryptography
8
https://github.com/pyload/pyload
8
https://github.com/cobbler/cobbler
7
https://github.com/parisneo/lollms
7
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/faucetsdn/ryu
7
https://github.com/kiwitcms/Kiwi
6
https://github.com/open-webui/open-webui
6
https://github.com/getsentry/sentry
6
https://github.com/pgadmin-org/pgadmin4
6
https://github.com/nautobot/nautobot
6
https://github.com/ethyca/fides
6
https://github.com/aubio/aubio
6
https://github.com/vllm-project/vllm
6
https://github.com/zopefoundation/Zope
5
https://github.com/openstack/neutron
5
https://github.com/HumanSignal/label-studio
5
https://github.com/Pylons/waitress
5
https://github.com/element-hq/synapse
5
https://github.com/langchain-ai/langchain
5
https://github.com/vantage6/vantage6
5
https://github.com/lief-project/LIEF
4
https://github.com/BerriAI/litellm
4
https://github.com/zopefoundation/RestrictedPython
4
https://github.com/scrapy/scrapy
4
https://github.com/keras-team/keras
4
https://github.com/jupyterhub/oauthenticator
4
https://github.com/onnx/onnx
4
https://github.com/berriai/litellm
4
https://github.com/tornadoweb/tornado
4
https://github.com/OctoPrint/OctoPrint
4
https://github.com/wagtail/wagtail
4
https://github.com/apache/superset
4
https://github.com/aimhubio/aim
4
https://github.com/numpy/numpy
4
https://github.com/nltk/nltk
4
https://github.com/urllib3/urllib3
4
https://github.com/huggingface/transformers
4
https://github.com/esphome/esphome
4
https://github.com/pyca/pyopenssl
3
https://github.com/pallets/werkzeug
3
https://github.com/aws/aws-iot-device-sdk-java-v2
3
https://github.com/GeoNode/geonode
3
https://github.com/jupyter-server/jupyter_server
3
https://github.com/modelscope/agentscope
3
https://github.com/benoitc/gunicorn
3
https://github.com/inventree/InvenTree
3
https://github.com/openstack/cinder
3
https://github.com/giampaolo/pyftpdlib
3
https://github.com/tryton/trytond
3
https://github.com/pypa/setuptools
3
https://github.com/Kludex/python-multipart
3
https://github.com/langflow-ai/langflow
3
https://sourceforge.net/projects/sourceforge.net
3
https://github.com/grpc/grpc
3
https://github.com/Project-MONAI/MONAI
3
https://github.com/twisted/twisted
3
https://github.com/pypa/pip
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/encode/starlette
3
https://github.com/ipython/ipython
3
https://github.com/skops-dev/skops
3
https://github.com/hyperledger/indy-node
3
https://github.com/pyinstaller/pyinstaller
3
https://github.com/yt-dlp/yt-dlp
3
https://github.com/keylime/keylime
3
https://github.com/openstack/glance
3
https://github.com/openstack/swift
3
https://github.com/octoprint/octoprint
3
https://github.com/python/cpython
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/janeczku/calibre-web
3
https://sourceforge.net/projects/roject
3
https://github.com/tomerfiliba-org/rpyc
2
https://github.com/hiyouga/LLaMA-Factory
2
https://github.com/9001/copyparty
2
https://github.com/python-poetry/poetry
2
https://github.com/spotify/luigi
2
https://github.com/invoke-ai/InvokeAI
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/AntonKueltz/fastecdsa
2
https://github.com/heartexlabs/label-studio
2
https://github.com/jupyterlab/jupyterlab
2
https://github.com/ietf-tools/xml2rfc
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/WeblateOrg/weblate
2
https://github.com/pretix/pretix
2
https://github.com/wasm3/wasm3
2
https://github.com/bottlepy/bottle
2
https://github.com/admesh/admesh
2
https://github.com/man-group/dtale
2
https://github.com/zenml-io/zenml
2
https://github.com/jupyterhub/jupyterhub
2
https://github.com/stchris/untangle
2
https://github.com/dlitz/pycrypto
2
https://github.com/sanic-org/sanic
2
https://gitlab.com/daniele_m/cve-list
2
https://github.com/langroid/langroid
2
https://github.com/aio-libs/aiohttp-session
2
https://github.com/TeamSeri0us/pocs
2
https://github.com/jupyter/jupyter_core
2
https://github.com/poezio/slixmpp
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/qutebrowser/qutebrowser
2
https://github.com/furlongm/openvpn-monitor
2
https://github.com/aws/sagemaker-python-sdk
2
https://github.com/indico/indico
2
https://github.com/jupyter/notebook
2
https://github.com/litestar-org/litestar
2
https://github.com/aio-libs/aiohttp
2
https://github.com/pygments/pygments
2
https://github.com/jaraco/keyring
2
https://github.com/Netflix/lemur
2
https://github.com/refuel-ai/autolabel
2
https://github.com/pallets/flask
2
https://github.com/geopython/OWSLib
2
https://github.com/aaugustin/websockets
2
https://github.com/guardrails-ai/guardrails
2
https://github.com/jhpyle/docassemble
2
https://github.com/aws/amazon-redshift-python-driver
2
https://github.com/pypa/advisory-db
2
https://github.com/andialbrecht/sqlparse
2
https://github.com/dnkorpushov/ebookmeta
2
https://github.com/onionshare/onionshare
2
https://github.com/jpadilla/pyjwt
2
https://github.com/Kozea/CairoSVG
2
https://github.com/snowflakedb/snowflake-connector-python
2
https://github.com/JamesTheAwesomeDude/pypqc
2
https://github.com/modelcontextprotocol/python-sdk
2
https://github.com/gitpython-developers/GitPython
2
https://github.com/home-assistant/core
2
https://github.com/corydolphin/flask-cors
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/mmaitre314/picklescan
2
https://github.com/zauberzeug/nicegui
2
https://github.com/belangeo/pyo
2
https://github.com/sybrenstuvel/python-rsa
2
https://github.com/paramiko/paramiko
2
https://github.com/lmfit/asteval
2
https://github.com/openstack/mistral
2
https://github.com/modoboa/modoboa
2
https://github.com/pytorch/pytorch
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/marshmallow-code/webargs
2
https://github.com/bram85/topydo
1
https://github.com/plone/Products.isurlinportal
1
https://github.com/Carglglz/upydev
1
https://github.com/stealthcopter/CVE-2020-28243
1
https://github.com/eosphoros-ai/DB-GPT
1
https://github.com/microsoft/torchgeo
1
https://github.com/tanghaibao/jcvi
1
https://github.com/jupyterhub/kubespawner
1
https://github.com/piccolo-orm/piccolo_admin
1
https://github.com/wandb/weave
1
https://github.com/danielgatis/rembg
1
https://github.com/martinpitt/python-dbusmock
1
https://github.com/openexr/openexr
1
https://github.com/ClusterLabs/crmsh
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/apache/qpid-python
1
https://github.com/httpie/cli
1
https://github.com/awslabs/autogluon
1
https://github.com/ComposioHQ/composio
1
https://github.com/horovod/horovod
1
https://github.com/rennf93/fastapi-guard
1
https://github.com/cocagne/pysrp
1
https://github.com/unoconv/unoconv
1
https://github.com/lfittl/libpg_query
1
https://github.com/gventuri/pandas-ai
1
https://github.com/PythonCharmers/python-future
1
https://github.com/meraki/dashboard-api-python
1
https://github.com/szad670401/HyperLPR
1
https://github.com/lepture/mistune
1
https://github.com/nicotine-plus/nicotine-plus
1
https://github.com/starlite-api/starlite
1
https://github.com/FreeTAKTeam/UI
1
https://github.com/rucio/rucio
1
https://github.com/Kinto/kinto-attachment
1
https://github.com/erinxocon/requests-xml
1