pypi
755,850 packages · pypi.org
Security Advisories in pypi
Moderate · about 1 year ago · FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function · pypi · fastapi-admin
Moderate · about 1 year ago · FastAPI Admin Cross-site Scripting vulnerability in the Config-Create function · pypi · fastapi-admin
Moderate · over 1 year ago · Mage AI incorrectly gives privileges to users with deleted accounts · pypi · mage-ai
Critical · over 1 year ago · LlamaIndex includes an exec call for `import {cls_name}` · pypi · llama-index-core
Moderate · over 1 year ago · Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users · pypi · mage-ai
Moderate · over 1 year ago · CKAN has Cross-site Scripting vector in the Datatables view plugin · pypi · ckan
Moderate · over 1 year ago · CKAN may leak Solr credentials via error message in package_search action · pypi · ckan
Moderate · over 1 year ago · Khoj Vulnerable to Stored Cross-site Scripting In Automate (Preview feature) · pypi · khoj
High · over 1 year ago · Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files · pypi · mobsf
High · over 1 year ago · Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default · pypi · Flask-Cors
Moderate · over 1 year ago · WebOb's location header normalization during redirect leads to open redirect · pypi · webob
Moderate · over 1 year ago · In aiohttp, compressed files as symlinks are not protected from path traversal · pypi · aiohttp
High · over 1 year ago · JupyterHub has a privilege escalation vulnerability with the `admin:users` scope · pypi · jupyterhub
High · over 1 year ago · Pulp incorrectly assigns RBAC permissions in tasks that create objects · pypi · pulpcore
Low · over 1 year ago · Apache Airflow Providers FAB Insufficient Session Expiration vulnerability · pypi · apache-airflow-providers-fab
High · over 1 year ago · Insecure Jinja2 templates rendered in Haystack Components can lead to RCE · pypi · haystack-ai
High · over 1 year ago · TensorFlow has segfault in array_ops.upper_bound · pypi · tensorflow-gpu, tensorflow-cpu, tensorflow
Moderate · over 1 year ago · OpenStack Nova vulnerable to unauthorized access to potentially sensitive data · pypi · Nova
Moderate · over 1 year ago · ops leaking secrets if `subprocess.CalledProcessError` happens with a `secret-*` CLI command · pypi · ops
High · over 1 year ago · Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference · pypi · guardrails-ai
Low · over 1 year ago · [PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS` · pypi · puncia
Critical · over 1 year ago · TorchServe vulnerable to bypass of allowed_urls configuration · pypi · torchserve
Low · over 1 year ago · Sentry's Python SDK unintentionally exposes environment variables to subprocesses · pypi · sentry-sdk
Low · over 1 year ago · dbt has an implicit override for built-in materializations from installed packages · pypi · dbt-core
High · over 1 year ago · Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler · pypi · apache-airflow
Moderate · over 1 year ago · Apache Airflow Potential Cross-site Scripting Vulnerability · pypi · apache-airflow
Moderate · over 1 year ago · Apache Superset vulnerable to improper SQL authorization · pypi · apache-superset
Critical · over 1 year ago · langchain-experimental vulnerable to Arbitrary Code Execution · pypi · langchain-experimental
Moderate · over 1 year ago · Red-DiscordBot vulnerable to Incorrect Authorization in commands API · pypi · Red-DiscordBot
High · over 1 year ago · Wagtail regular expression denial-of-service via search query parsing · pypi · wagtail
Low · over 1 year ago · yt-dlp has dependency on potentially malicious third-party code in Douyu extractors · pypi · yt-dlp
Moderate · over 1 year ago · Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL · pypi · ethyca-fides
High · over 1 year ago · OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access · pypi · nova, glance, cinder
Low · over 1 year ago · Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js · pypi · ethyca-fides
High · over 1 year ago · yt-dlp File system modification and RCE through improper file-extension sanitization · pypi · yt-dlp
High · over 1 year ago · lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE · pypi · lollms
Critical · over 1 year ago · vanna vulnerable to remote code execution caused by prompt injection · pypi · vanna
Critical · over 1 year ago · pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint · pypi · lightning
Critical · over 1 year ago · litellm vulnerable to remote code execution based on using eval unsafely · pypi · litellm
High · over 1 year ago · lollms vulnerable to path traversal due to unauthenticated root folder settings change · pypi · lollms
Moderate · over 1 year ago · litellm vulnerable to improper access control in team management · pypi · litellm
Moderate · over 1 year ago · CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store` · pypi · codechecker
Filter by Package
tensorflow · 433
tensorflow-cpu · 409
tensorflow-gpu · 394
apache-airflow · 89
Django · 89
salt · 65
ansible · 64
apache-superset · 61
mlflow · 55
Plone · 54
django · 48
nova · 48
vyper · 44
gradio · 44
matrix-synapse · 43
rdiffweb · 42
plone · 41
picklescan · 39
moin · 35
keystone · 32
vllm · 31
opencv-python · 31
opencv-contrib-python · 31
Pillow · 28
pillow · 28
open-webui · 27
pyload-ng · 24
glance · 21
ethyca-fides · 20
aim · 20
neutron · 19
langchain · 19
transformers · 19
cobbler · 18
mindsdb · 18
mercurial · 18
calibreweb · 17
notebook · 17
cryptography · 17
OctoPrint · 17
paddlepaddle · 16
pgadmin4 · 16
lollms · 16
PaddlePaddle · 16
h2o · 15
aiohttp · 15
urllib3 · 14
modoboa · 14
zenml · 14
litellm · 14
pyftpdlib · 14
mobsf · 14
vantage6 · 14
roundup · 13
twisted · 12
sentry · 12
wagtail · 12
swift · 12
nautobot · 12
horizon · 11
onionshare-cli · 11
waitress · 11
label-studio · 11
ckan · 11
ai.h2o:h2o-core · 11
trytond · 10
opencv-python-headless · 10
Flask-AppBuilder · 10
kiwitcms · 9
changedetection.io · 9
keras · 9
opencv-contrib-python-headless · 9
cinder · 9
ryu · 9
zope · 9
agentscope · 9
lief · 9
llama-index · 9
dbgpt · 8
aubio · 8
ipython · 8
llama-index-core · 8
trac · 8
Zope · 8
pip · 8
copyparty · 8
indico · 8
tornado · 8
bentoml · 8
python-keystoneclient · 8
numpy · 8
Zope2 · 8
requests · 7
scrapy · 7
jupyter-server · 7
codechecker · 7
executorch · 7
inventree · 7
matrix-sydent · 7
web2py · 7
pysaml2 · 7
yt-dlp · 6
mailman · 6
lxml · 6
torchserve · 6
OpenEXR · 6
tuf · 6
mage-ai · 6
Moin · 6
dtale · 6
graphite-web · 6
ansible-core · 6
snowflake-connector-python · 6
apache-airflow-providers-apache-hive · 6
Jinja2 · 6
Mezzanine · 6
langflow · 6
torch · 6
whoogle-search · 6
Weblate · 5
pypdf · 5
nltk · 5
langchain-community · 5
oauthenticator · 5
grpcio · 5
onnx · 5
open-webui · 5
keylime · 5
bleach · 5
grpc · 5
pretix · 5
python-gnupg · 5
mitmproxy · 5
lmdb · 5
esphome · 5
saleor · 5
jupyterlab · 5
werkzeug · 5
composio-core · 5
fschat · 5
omero-web · 5
jupyterhub · 5
ray · 5
starlette · 5
feedparser · 5
mayan-edms · 5
Products.CMFPlone · 5
homeassistant · 5
ait-core · 5
langchain-experimental · 5
weblate · 5
Werkzeug · 5
jwcrypto · 4
bottle · 4
llamafactory · 4
flask-cors · 4
Flask-Security-Too · 4
flask · 4
Pygments · 4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk · 4
litestar · 4
motioneye · 4
FreeTAKServer-UI · 4
paramiko · 4
setuptools · 4
PyPDF2 · 4
streamlit · 4
aws-iot-device-sdk-v2 · 4
bbot · 4
pyspark · 4
xml2rfc · 4
tripleo-heat-templates · 4
skops · 4
buildbot · 4
Keystone · 4
nvflare · 4
octoprint · 4
langchain-core · 4
barbican · 4
datasette · 4
Radicale · 4
jinja2 · 4
authlib · 4
Scrapy · 4
RestrictedPython · 4
InvokeAI · 4
reportlab · 4
flask-appbuilder · 4
qutebrowser · 4
python-ldap · 4
pywasm3 · 4
indy-node · 4
dbt-core · 4
GitPython · 4
httpie · 4
awsiotsdk · 4
koji · 4
pytorch-lightning · 4
pandasai · 4
Nova · 4
Filter by Repository
https://github.com/tensorflow/tensorflow · 433
https://github.com/django/django · 121
https://github.com/apache/airflow · 105
https://github.com/ansible/ansible · 59
https://github.com/python-pillow/Pillow · 52
https://github.com/vyperlang/vyper · 44
https://github.com/saltstack/salt · 42
https://github.com/ikus060/rdiffweb · 42
https://github.com/mmaitre314/picklescan · 39
https://github.com/gradio-app/gradio · 39
https://github.com/openstack/nova · 38
https://github.com/plone/Products.CMFPlone · 37
https://github.com/mlflow/mlflow · 36
https://github.com/opencv/opencv · 32
https://github.com/matrix-org/synapse · 32
https://github.com/PaddlePaddle/Paddle · 31
https://github.com/openstack/keystone · 28
https://github.com/vllm-project/vllm · 25
https://github.com/langchain-ai/langchain · 25
https://github.com/run-llama/llama_index · 24
https://github.com/pyload/pyload · 24
https://github.com/ethyca/fides · 20
https://github.com/huggingface/transformers · 19
https://github.com/vantage6/vantage6 · 17
https://github.com/mindsdb/mindsdb · 17
https://github.com/pyca/cryptography · 16
https://github.com/MobSF/Mobile-Security-Framework-MobSF · 15
https://github.com/aio-libs/aiohttp · 15
https://github.com/cobbler/cobbler · 15
https://github.com/apache/superset · 14
https://github.com/urllib3/urllib3 · 14
https://github.com/pgadmin-org/pgadmin4 · 14
https://github.com/dpgaspar/Flask-AppBuilder · 14
https://github.com/twisted/twisted · 14
https://github.com/janeczku/calibre-web · 14
https://github.com/zenml-io/zenml · 13
https://github.com/modoboa/modoboa · 13
https://github.com/h2oai/h2o-3 · 13
https://github.com/OctoPrint/OctoPrint · 13
https://github.com/nautobot/nautobot · 12
https://github.com/openstack/glance · 12
https://github.com/getsentry/sentry · 12
https://github.com/wagtail/wagtail · 12
https://github.com/parisneo/lollms · 11
https://github.com/open-webui/open-webui · 11
https://github.com/Pylons/waitress · 11
https://github.com/onionshare/onionshare · 11
https://github.com/scrapy/scrapy · 11
https://github.com/HumanSignal/label-studio · 10
https://github.com/ckan/ckan · 10
https://github.com/WeblateOrg/weblate · 10
https://github.com/jupyter/notebook · 10
https://github.com/lief-project/LIEF · 9
https://github.com/element-hq/synapse · 9
https://github.com/keras-team/keras · 9
https://github.com/BerriAI/litellm · 9
https://github.com/giampaolo/pyftpdlib · 9
https://github.com/zopefoundation/Zope · 9
https://github.com/openstack/horizon · 9
https://github.com/faucetsdn/ryu · 9
https://github.com/aimhubio/aim · 9
https://github.com/ipython/ipython · 8
https://github.com/tornadoweb/tornado · 8
https://github.com/pallets/werkzeug · 8
https://github.com/numpy/numpy · 8
https://github.com/octoprint/octoprint · 8
https://github.com/9001/copyparty · 8
https://github.com/openstack/neutron · 8
https://github.com/kiwitcms/Kiwi · 8
https://github.com/dgtlmoon/changedetection.io · 8
https://github.com/jupyter-server/jupyter_server · 7
https://github.com/indico/indico · 7
https://github.com/py-pdf/pypdf · 7
https://github.com/pypa/pip · 7
https://github.com/pytorch/executorch · 7
https://github.com/aubio/aubio · 7
https://github.com/Ericsson/codechecker · 7
https://sourceforge.net/projects/sourceforge.net · 7
https://github.com/openstack/cinder · 7
https://github.com/openstack/swift · 7
https://github.com/pytorch/pytorch · 7
https://github.com/pallets/jinja · 7
https://github.com/modelscope/agentscope · 6
https://github.com/man-group/dtale · 6
https://github.com/psf/requests · 6
https://github.com/matrix-org/sydent · 6
https://github.com/jupyterlab/jupyterlab · 6
https://github.com/benbusby/whoogle-search · 6
https://github.com/roundup-tracker/roundup · 6
https://github.com/lxml/lxml · 6
https://github.com/corydolphin/flask-cors · 6
https://github.com/snowflakedb/snowflake-connector-python · 6
https://github.com/graphite-project/graphite-web · 6
https://github.com/keylime/keylime · 6
https://github.com/yt-dlp/yt-dlp · 6
https://github.com/inventree/InvenTree · 5
https://github.com/tryton/trytond · 5
https://github.com/onnx/onnx · 5
https://github.com/jupyterhub/oauthenticator · 5
https://github.com/mitmproxy/mitmproxy · 5
https://github.com/esphome/esphome · 5
https://github.com/bentoml/BentoML · 5
https://github.com/pytorch/serve · 5
https://github.com/TeamSeri0us/pocs · 5
https://github.com/encode/starlette · 5
https://github.com/home-assistant/core · 5
https://github.com/ComposioHQ/composio · 5
https://github.com/mozilla/bleach · 5
https://github.com/gitpython-developers/GitPython · 5
https://github.com/hwchase17/langchain · 5
https://github.com/ome/omero-web · 5
https://github.com/ray-project/ray · 5
https://github.com/Exiv2/exiv2 · 5
https://github.com/django-helpdesk/django-helpdesk · 4
https://github.com/Kozea/Radicale · 4
https://github.com/python-ldap/python-ldap · 4
https://github.com/NVIDIA/NVFlare · 4
https://github.com/jupyterhub/jupyterhub · 4
https://github.com/hiyouga/LLaMA-Factory · 4
https://github.com/web2py/web2py · 4
https://github.com/berriai/litellm · 4
https://github.com/ietf-tools/xml2rfc · 4
https://github.com/aws/aws-iot-device-sdk-java-v2 · 4
https://github.com/jhpyle/docassemble · 4
https://github.com/FreeTAKTeam/UI · 4
https://github.com/wasm3/wasm3 · 4
https://github.com/nltk/nltk · 4
https://github.com/frappe/frappe · 4
https://github.com/mlc-ai/xgrammar · 4
https://github.com/latchset/jwcrypto · 4
https://github.com/streamlit/streamlit · 4
https://github.com/hyperledger/indy-node · 4
https://github.com/zopefoundation/RestrictedPython · 4
https://github.com/AcademySoftwareFoundation/openexr · 4
https://github.com/litestar-org/litestar · 4
https://github.com/pypa/setuptools · 4
https://github.com/Cog-Creators/Red-DiscordBot · 4
https://github.com/qutebrowser/qutebrowser · 4
https://github.com/eosphoros-ai/DB-GPT · 4
https://github.com/blacklanternsecurity/bbot · 4
https://github.com/rohe/pysaml2 · 4
https://github.com/bottlepy/bottle · 4
https://github.com/AcademySoftwareFoundation/MaterialX · 4
https://github.com/ronf/asyncssh · 4
https://github.com/langflow-ai/langflow · 4
https://github.com/simonw/datasette · 4
https://github.com/pallets/flask · 4
https://github.com/saleor/saleor · 4
https://github.com/pretix/pretix · 4
https://github.com/grpc/grpc · 4
https://github.com/dbt-labs/dbt-core · 4
https://github.com/jpadilla/pyjwt · 3
https://github.com/openstack/python-keystoneclient · 3
https://github.com/eventlet/eventlet · 3
https://github.com/moinwiki/moin-1.9 · 3
https://github.com/ankitects/anki · 3
https://github.com/gventuri/pandas-ai · 3
https://github.com/astral-sh/uv · 3
https://github.com/theupdateframework/python-tuf · 3
https://github.com/benoitc/gunicorn · 3
https://github.com/aws/sagemaker-python-sdk · 3
https://github.com/langchain-ai/langgraph · 3
https://github.com/Kludex/python-multipart · 3
https://github.com/aws/aws-sam-cli · 3
https://github.com/furlongm/openvpn-monitor · 3
https://github.com/langroid/langroid · 3
https://github.com/djblets/djblets · 3
https://github.com/mpdavis/python-jose · 3
https://github.com/IdentityPython/pysaml2 · 3
https://github.com/impredicative/bitlyshortener · 3
https://github.com/andialbrecht/sqlparse · 3
https://github.com/Flask-Middleware/flask-security · 3
https://github.com/pyinstaller/pyinstaller · 3
https://github.com/dlitz/pycrypto · 3
https://github.com/openstack/octavia · 3
https://github.com/khoj-ai/khoj · 3
https://github.com/openstack/ironic · 3
https://github.com/chatchat-space/Langchain-Chatchat · 3
https://github.com/Project-MONAI/MONAI · 3
https://github.com/adamghill/django-unicorn · 3
https://github.com/poezio/slixmpp · 3
https://github.com/pyca/pyopenssl · 3
https://github.com/ansible/ansible-runner · 3
https://github.com/lepture/mistune · 3
https://github.com/geyang/ml-logger · 3
https://github.com/certifi/python-certifi · 3
https://github.com/python/cpython · 3
https://github.com/pygments/pygments · 3
https://github.com/theupdateframework/tuf · 3
https://github.com/sosreport/sos · 3
https://github.com/Gerapy/Gerapy · 3
https://github.com/micropython/micropython · 3
https://github.com/zauberzeug/nicegui · 3
https://github.com/trentm/python-markdown2 · 3
https://github.com/authlib/authlib · 3
https://github.com/yaml/pyyaml · 3
https://github.com/stephenmcd/mezzanine · 3
https://github.com/DavidOsipov/PostQuantum-Feldman-VSS · 3
https://github.com/GeoNode/geonode · 3