Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-4jvf-wx3f-2x8q
  • PyPI/aws-advanced-python-wrapper
AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance 1 hour ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-cvf4-f829-762v
  • PyPI/pgadmin4
pgAdmin is affected by an LDAP injection vulnerability 8 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-g4r8-3qmh-pmch
  • PyPI/pgadmin4
pgAdmin has vulnerability in LDAP authentication mechanism that allows bypassing TLS certificate verification 8 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-rm79-x4g6-hvg5
  • PyPI/pgadmin4
pgAdmin 4 has command injection vulnerability on Windows systems 8 hours ago
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-w2p4-p4rh-qcm3
  • PyPI/pgadmin4
pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode 8 hours ago
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-rrx3-2x4g-mq2h
  • PyPI/bugsink
Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU) 23 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-fc2v-vcwj-269v
  • PyPI/bugsink
Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input 23 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-4c3j-3h7v-22q9
  • PyPI/changedetection-io
changedetection.io: Stored XSS in Watch update via API yesterday
  • Fix available
  • Severity - 3.5 (Low)
MAL-2025-112503
  • PyPI/llmboost-hub
Malicious code in llmboost-hub (PyPI) 2 days ago
  • No fix available
GHSA-f83h-ghpp-7wcc
  • PyPI/pdfminer-six
Insecure Deserialization (pickle) in pdfminer.six CMap Loader — Local Privesc 6 days ago
  • Fix available
  • Severity - 7.8 (High)
GHSA-wf5f-4jwr-ppcp
  • PyPI/pdfminer-six
Arbitrary Code Execution in pdfminer.six via Crafted PDF Input 6 days ago
  • Fix available
  • Severity - 8.6 (High)
GHSA-vm2f-46xc-5jc3
  • PyPI/astrbot
AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64 6 days ago
  • No fix available
  • Severity - 5.7 (Medium)
GHSA-xrj9-mw57-j34v
  • PyPI/astrbot
AstrBot contains a directory traversal vulnerability 6 days ago
  • No fix available
  • Severity - 8.7 (High)
GHSA-cm35-v4vp-5xvx
  • npm/open-webui
  • PyPI/open-webui
Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events 6 days ago
  • Fix available
  • Severity - 7.3 (High)
GHSA-w7xj-8fx7-wfch
  • npm/open-webui
  • PyPI/open-webui
Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE 6 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-w832-gg5g-x44m
  • PyPI/datasette
Open redirect endpoint in Datasette 06 Nov
  • Fix available