Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-hjqc-jx6g-rwp9
  • PyPI/keras
Keras Directory Traversal Vulnerability 3 hours ago
  • Fix available
  • Severity - 8.9 (High)
MAL-2025-191534
  • PyPI/tablates
Malicious code in tablates (PyPI) 4 hours ago
  • No fix available
MAL-2025-191535
  • PyPI/tableate
Malicious code in tableate (PyPI) 4 hours ago
  • No fix available
GHSA-hgf8-39gv-g3f2
  • PyPI/werkzeug
Werkzeug safe_join() allows Windows special device names 4 hours ago
  • Fix available
  • Severity - 6.3 (Medium)
MAL-2025-191533
  • PyPI/spellcheckers
Malicious code in spellcheckers (PyPI) 5 hours ago
  • No fix available
GHSA-r77h-rpp9-w2xm
  • PyPI/spotipy
Spotipy has a XSS vulnerability in its OAuth callback server 9 hours ago
  • Fix available
  • Severity - 3.6 (Low)
GHSA-768j-98cg-p3fv
  • PyPI/fonttools
fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib 9 hours ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-2w93-qwpp-vgvj
  • PyPI/trytond
trytond does not enforce access rights for data export 2 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-jqfc-9q34-prhg
  • PyPI/trytond
trytond allows remote attackers to obtain sensitive trace-back (server setup) information 2 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-p3p5-xrmv-4j6x
  • PyPI/trytond
trytond does not enforce access rights for the route of the HTML editor. 2 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-24hm-wm2h-h8w7
  • PyPI/peppol-py
Peppol-py is vulnerable to XXE attacks due to Saxon configuration 3 days ago
  • Fix available
  • Severity - 5.0 (Medium)
GHSA-gx77-xgc2-4888
  • PyPI/ray
Ray's New Token Authentication is Disabled By Default 5 days ago
  • No fix available
  • Severity - 9.3 (Critical)
GHSA-gq25-78jf-v78c
  • PyPI/tutor
Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control 5 days ago
  • No fix available
  • Severity - 3.3 (Low)
GHSA-75hx-6r6j-hw56
  • PyPI/python-mistralclient
OpenStack's Mistral Client has a local file inclusion vulnerability 5 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-q279-jhrf-cc6v
  • PyPI/ray
Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack 5 days ago
  • Fix available
  • Severity - 9.4 (Critical)
MAL-2025-191483
  • PyPI/hooktest2
Malicious code in hooktest2 (PyPI) 5 days ago
  • No fix available