pypi
755,850 packages · pypi.org
Security Advisories in pypi
Moderate
about 1 year ago
Exiv2 has an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder
pypi
exiv2
High
about 1 year ago
MySQL Connector/Python connector takeover vulnerability
pypi
mysql-connector-python
Critical
about 1 year ago
changedetection.io has a Server Side Template Injection using Jinja2 which allows Remote Command Execution
pypi
changedetection.io
Moderate
about 1 year ago
OpenCanary Executes Commands From Potentially Writable Config File
pypi
OpenCanary
Moderate
about 1 year ago
Lord of Large Language Models (LoLLMs) path traversal vulnerability in the api open_personality_folder endpoint
pypi
lollms
Low
about 1 year ago
Lord of Large Language Models (LoLLMs) Server path traversal vulnerability in lollms_file_system.py
pypi
lollms
Low
about 1 year ago
Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list
pypi
gradio
Moderate
about 1 year ago
Gradio has an XSS on every Gradio server via upload of HTML files, JS files, or SVG files
pypi
gradio
High
about 1 year ago
Gradio uses insecure communication between the FRP client and server
pypi
gradio
High
about 1 year ago
Gradio has a race condition in update_root_in_config that may redirect user traffic
pypi
gradio
Moderate
about 1 year ago
Gradio performs a non-constant-time comparison when comparing hashes
pypi
gradio
Moderate
about 1 year ago
Gradio has several components with post-process steps that allow arbitrary file leaks
pypi
gradio
Low
about 1 year ago
In Gradio, the `enable_monitoring` flag set to `False` does not disable monitoring
pypi
gradio
Moderate
about 1 year ago
Gradio vulnerable to SSRF in the path parameter of /queue/join
pypi
gradio
Moderate
about 1 year ago
Gradio has a one-level read path traversal in `/custom_component`
pypi
gradio
High
about 1 year ago
Gradio's CORS origin validation is not performed when the request has a cookie
pypi
gradio
Low
about 1 year ago
open-webui allows enumeration of file names and traversal of directories by observing the error messages
pypi
open-webui
Moderate
about 1 year ago
open-webui Insecure Direct Object Reference (IDOR) vulnerability
pypi
open-webui
Moderate
about 1 year ago
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters
pypi
Django
Moderate
about 1 year ago
OpenStack Ironic fails to verify checksums of supplied image_source URLs
pypi
ironic
Moderate
about 1 year ago
Inventree Server-Side Request Forgery vulnerability exposes server port/internal IP
pypi
inventree
High
about 1 year ago
RestrictedPython information leakage via `AttributeError.obj` and the `string` module
pypi
RestrictedPython
High
about 1 year ago
Heap-based Buffer Overflow in sqlite-vec
cargo, rubygems, npm, pypi
sqlite-vec
Moderate
about 1 year ago
Cross-Site Request Forgery (CSRF) in strawberry-graphql
pypi
strawberry-graphql
Critical
about 1 year ago
LangChain Experimental Eval Injection vulnerability
pypi
langchain-experimental
High
about 1 year ago
Mesop has a local file Inclusion via static file serving functionality
pypi
mesop
Moderate
about 1 year ago
Heap-based Buffer Overflow in MicroPython
pypi
micropython-string, micropython-os-path, micropython-io, micropython-copy
Moderate
about 1 year ago
heap-buffer-overflow in MicroPython
pypi
micropython-os, micropython-io, micropython-copy
High
about 1 year ago
Sentry improperly authorizes deletion of user issue alert notifications
pypi
sentry
High
about 1 year ago
Ansible vulnerable to Insertion of Sensitive Information into Log File
pypi
ansible-core
Moderate
about 1 year ago
Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs
pypi
aws-sam-cli
Moderate
about 1 year ago
AWS SageMaker Training Toolkit logs CodeArtifact Authorization token
pypi
sagemaker-training
Moderate
about 1 year ago
D-Tale vulnerable to Remote Code Execution through the Query input on Chart Builder
pypi
dtale
High
about 1 year ago
Apache Airflow vulnerable to Execution with Unnecessary Privileges
pypi
apache-airflow
High
about 1 year ago
Apache Airflow vulnerable to Improper Encoding or Escaping of Output
pypi
apache-airflow
Moderate
about 1 year ago
HTML injection in JupyterLite leading to DOM Clobbering
pypi
jupyterlite-core
Critical
about 1 year ago
H2O.ai H2O vulnerable to deserialization attacks via a JDBC Connection URL
pypi, maven
h2o, ai.h2o:h2o-core
High
about 1 year ago
MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding
pypi
mindsdb
Moderate
about 1 year ago
Flask-AppBuilder's login form allows browser to cache sensitive fields
pypi
flask-appbuilder
High
about 1 year ago
Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine
pypi
ethyca-fides
Low
about 1 year ago
Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication
pypi
ethyca-fides
Moderate
about 1 year ago
pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels
pypi
cryptography
High
about 1 year ago
opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
pypi
opencv-python
High
about 1 year ago
opencv-contrib-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
pypi
opencv-contrib-python
High
about 1 year ago
opencv-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
pypi
opencv-python-headless
High
about 1 year ago
opencv-contrib-python-headless bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
pypi
opencv-contrib-python-headless
High
about 1 year ago
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
pypi
GeoNode
Low
about 1 year ago
LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability
pypi
lti-consumer-xblock
High
about 1 year ago
nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC
pypi
nanopb
High
about 1 year ago
Hyperledger Indy's update process of a DID does not check who signs the request
pypi
indy-node
High
about 1 year ago
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
pypi
jupyterlab, notebook
Filter by Package
tensorflow
433
tensorflow-cpu
409
tensorflow-gpu
394
apache-airflow
89
Django
89
salt
65
ansible
64
apache-superset
61
mlflow
55
Plone
54
nova
48
django
48
gradio
44
vyper
44
matrix-synapse
43
rdiffweb
42
plone
41
picklescan
39
moin
35
keystone
32
vllm
31
opencv-python
31
opencv-contrib-python
31
pillow
28
Pillow
28
open-webui
27
pyload-ng
24
glance
21
aim
20
ethyca-fides
20
neutron
19
langchain
19
transformers
19
cobbler
18
mindsdb
18
mercurial
18
calibreweb
17
notebook
17
cryptography
17
OctoPrint
17
PaddlePaddle
16
lollms
16
paddlepaddle
16
pgadmin4
16
h2o
15
aiohttp
15
modoboa
14
urllib3
14
litellm
14
zenml
14
mobsf
14
vantage6
14
pyftpdlib
14
roundup
13
nautobot
12
sentry
12
twisted
12
wagtail
12
swift
12
horizon
11
onionshare-cli
11
label-studio
11
waitress
11
ckan
11
ai.h2o:h2o-core
11
Flask-AppBuilder
10
trytond
10
opencv-python-headless
10
kiwitcms
9
changedetection.io
9
keras
9
opencv-contrib-python-headless
9
cinder
9
ryu
9
zope
9
agentscope
9
lief
9
llama-index
9
numpy
8
aubio
8
indico
8
ipython
8
bentoml
8
tornado
8
pip
8
copyparty
8
dbgpt
8
Zope
8
llama-index-core
8
trac
8
python-keystoneclient
8
Zope2
8
requests
7
web2py
7
codechecker
7
jupyter-server
7
executorch
7
inventree
7
pysaml2
7
matrix-sydent
7
scrapy
7
yt-dlp
6
dtale
6
torch
6
snowflake-connector-python
6
Moin
6
tuf
6
apache-airflow-providers-apache-hive
6
OpenEXR
6
ansible-core
6
torchserve
6
whoogle-search
6
mailman
6
graphite-web
6
Mezzanine
6
lxml
6
mage-ai
6
langflow
6
Jinja2
6
onnx
5
pypdf
5
nltk
5
langchain-community
5
Weblate
5
oauthenticator
5
grpcio
5
open-webui
5
keylime
5
weblate
5
grpc
5
pretix
5
python-gnupg
5
mitmproxy
5
lmdb
5
esphome
5
saleor
5
werkzeug
5
starlette
5
composio-core
5
fschat
5
omero-web
5
jupyterhub
5
ray
5
feedparser
5
bleach
5
mayan-edms
5
Products.CMFPlone
5
homeassistant
5
ait-core
5
langchain-experimental
5
jupyterlab
5
Werkzeug
5
jwcrypto
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
MaterialX
4
flask-cors
4
markdown2
4
setuptools
4
Flask-Security-Too
4
bottle
4
llamafactory
4
litestar
4
FreeTAKServer-UI
4
paramiko
4
Scrapy
4
PyPDF2
4
streamlit
4
motioneye
4
bbot
4
pyspark
4
aws-iot-device-sdk-v2
4
jinja2
4
skops
4
xml2rfc
4
authlib
4
datasette
4
octoprint
4
langchain-core
4
nvflare
4
tripleo-heat-templates
4
Radicale
4
barbican
4
Keystone
4
RestrictedPython
4
reportlab
4
pandasai
4
InvokeAI
4
flask-appbuilder
4
qutebrowser
4
pywasm3
4
dbt-core
4
indy-node
4
koji
4
GitPython
4
httpie
4
buildbot
4
flask
4
awsiotsdk
4
Pygments
4
frappe
4
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/django/django
121
https://github.com/apache/airflow
105
https://github.com/ansible/ansible
59
https://github.com/python-pillow/Pillow
52
https://github.com/vyperlang/vyper
44
https://github.com/saltstack/salt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/mmaitre314/picklescan
39
https://github.com/gradio-app/gradio
39
https://github.com/openstack/nova
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/mlflow/mlflow
36
https://github.com/opencv/opencv
32
https://github.com/matrix-org/synapse
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/openstack/keystone
28
https://github.com/vllm-project/vllm
25
https://github.com/langchain-ai/langchain
25
https://github.com/run-llama/llama_index
24
https://github.com/pyload/pyload
24
https://github.com/ethyca/fides
20
https://github.com/huggingface/transformers
19
https://github.com/vantage6/vantage6
17
https://github.com/mindsdb/mindsdb
17
https://github.com/pyca/cryptography
16
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/aio-libs/aiohttp
15
https://github.com/cobbler/cobbler
15
https://github.com/apache/superset
14
https://github.com/urllib3/urllib3
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/twisted/twisted
14
https://github.com/janeczku/calibre-web
14
https://github.com/zenml-io/zenml
13
https://github.com/modoboa/modoboa
13
https://github.com/h2oai/h2o-3
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/nautobot/nautobot
12
https://github.com/openstack/glance
12
https://github.com/getsentry/sentry
12
https://github.com/wagtail/wagtail
12
https://github.com/parisneo/lollms
11
https://github.com/open-webui/open-webui
11
https://github.com/Pylons/waitress
11
https://github.com/onionshare/onionshare
11
https://github.com/scrapy/scrapy
11
https://github.com/HumanSignal/label-studio
10
https://github.com/ckan/ckan
10
https://github.com/WeblateOrg/weblate
10
https://github.com/jupyter/notebook
10
https://github.com/lief-project/LIEF
9
https://github.com/element-hq/synapse
9
https://github.com/keras-team/keras
9
https://github.com/BerriAI/litellm
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/zopefoundation/Zope
9
https://github.com/openstack/horizon
9
https://github.com/faucetsdn/ryu
9
https://github.com/aimhubio/aim
9
https://github.com/ipython/ipython
8
https://github.com/tornadoweb/tornado
8
https://github.com/pallets/werkzeug
8
https://github.com/numpy/numpy
8
https://github.com/octoprint/octoprint
8
https://github.com/9001/copyparty
8
https://github.com/openstack/neutron
8
https://github.com/kiwitcms/Kiwi
8
https://github.com/dgtlmoon/changedetection.io
8
https://github.com/jupyter-server/jupyter_server
7
https://github.com/indico/indico
7
https://github.com/py-pdf/pypdf
7
https://github.com/pypa/pip
7
https://github.com/pytorch/executorch
7
https://github.com/aubio/aubio
7
https://github.com/Ericsson/codechecker
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/openstack/cinder
7
https://github.com/openstack/swift
7
https://github.com/pytorch/pytorch
7
https://github.com/pallets/jinja
7
https://github.com/modelscope/agentscope
6
https://github.com/man-group/dtale
6
https://github.com/psf/requests
6
https://github.com/matrix-org/sydent
6
https://github.com/jupyterlab/jupyterlab
6
https://github.com/benbusby/whoogle-search
6
https://github.com/roundup-tracker/roundup
6
https://github.com/lxml/lxml
6
https://github.com/corydolphin/flask-cors
6
https://github.com/snowflakedb/snowflake-connector-python
6
https://github.com/graphite-project/graphite-web
6
https://github.com/keylime/keylime
6
https://github.com/yt-dlp/yt-dlp
6
https://github.com/inventree/InvenTree
5
https://github.com/tryton/trytond
5
https://github.com/onnx/onnx
5
https://github.com/jupyterhub/oauthenticator
5
https://github.com/mitmproxy/mitmproxy
5
https://github.com/esphome/esphome
5
https://github.com/bentoml/BentoML
5
https://github.com/pytorch/serve
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/encode/starlette
5
https://github.com/home-assistant/core
5
https://github.com/ComposioHQ/composio
5
https://github.com/mozilla/bleach
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/hwchase17/langchain
5
https://github.com/ome/omero-web
5
https://github.com/ray-project/ray
5
https://github.com/Exiv2/exiv2
5
https://github.com/django-helpdesk/django-helpdesk
4
https://github.com/Kozea/Radicale
4
https://github.com/python-ldap/python-ldap
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/jupyterhub/jupyterhub
4
https://github.com/hiyouga/LLaMA-Factory
4
https://github.com/web2py/web2py
4
https://github.com/berriai/litellm
4
https://github.com/ietf-tools/xml2rfc
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/jhpyle/docassemble
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/wasm3/wasm3
4
https://github.com/nltk/nltk
4
https://github.com/frappe/frappe
4
https://github.com/mlc-ai/xgrammar
4
https://github.com/latchset/jwcrypto
4
https://github.com/streamlit/streamlit
4
https://github.com/hyperledger/indy-node
4
https://github.com/zopefoundation/RestrictedPython
4
https://github.com/AcademySoftwareFoundation/openexr
4
https://github.com/litestar-org/litestar
4
https://github.com/pypa/setuptools
4
https://github.com/Cog-Creators/Red-DiscordBot
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/eosphoros-ai/DB-GPT
4
https://github.com/blacklanternsecurity/bbot
4
https://github.com/rohe/pysaml2
4
https://github.com/bottlepy/bottle
4
https://github.com/AcademySoftwareFoundation/MaterialX
4
https://github.com/ronf/asyncssh
4
https://github.com/langflow-ai/langflow
4
https://github.com/simonw/datasette
4
https://github.com/pallets/flask
4
https://github.com/saleor/saleor
4
https://github.com/pretix/pretix
4
https://github.com/grpc/grpc
4
https://github.com/dbt-labs/dbt-core
4
https://github.com/jpadilla/pyjwt
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/eventlet/eventlet
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/ankitects/anki
3
https://github.com/gventuri/pandas-ai
3
https://github.com/astral-sh/uv
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/benoitc/gunicorn
3
https://github.com/aws/sagemaker-python-sdk
3
https://github.com/langchain-ai/langgraph
3
https://github.com/Kludex/python-multipart
3
https://github.com/aws/aws-sam-cli
3
https://github.com/furlongm/openvpn-monitor
3
https://github.com/langroid/langroid
3
https://github.com/djblets/djblets
3
https://github.com/mpdavis/python-jose
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/Flask-Middleware/flask-security
3
https://github.com/pyinstaller/pyinstaller
3
https://github.com/dlitz/pycrypto
3
https://github.com/openstack/octavia
3
https://github.com/khoj-ai/khoj
3
https://github.com/openstack/ironic
3
https://github.com/chatchat-space/Langchain-Chatchat
3
https://github.com/Project-MONAI/MONAI
3
https://github.com/adamghill/django-unicorn
3
https://github.com/poezio/slixmpp
3
https://github.com/pyca/pyopenssl
3
https://github.com/ansible/ansible-runner
3
https://github.com/lepture/mistune
3
https://github.com/geyang/ml-logger
3
https://github.com/certifi/python-certifi
3
https://github.com/python/cpython
3
https://github.com/pygments/pygments
3
https://github.com/theupdateframework/tuf
3
https://github.com/sosreport/sos
3
https://github.com/Gerapy/Gerapy
3
https://github.com/micropython/micropython
3
https://github.com/zauberzeug/nicegui
3
https://github.com/trentm/python-markdown2
3
https://github.com/authlib/authlib
3
https://github.com/yaml/pyyaml
3
https://github.com/stephenmcd/mezzanine
3
https://github.com/DavidOsipov/PostQuantum-Feldman-VSS
3
https://github.com/GeoNode/geonode
3