170051277-trab-final-gces (>=0.3.0 <=0.5.0), 2022-2-gces-ifpf (=0.3.0) +527 more potentially affected by CVE-2026-1260 via sentencepiece (>=0.1.82 <=0.2.0)

sentencepiece PYPI version =0.1.82, =0.3.0, =0.0.4.80, =1.0.32, =1.1.0, =0.3.0, =0.5.0, =0.2.2, =2.0.0, =0.3.5, =0.0.3, =0.3.0, =0.3.17 - akira =0.1.2 - al-for-design =0.0.1 - alignmap =1.0.0 and more Source cves: CVE-2026-1260 Source advisory: SNYK:PYTHON-SENTENCEPIECE-15091567...

MiracleLinux 9 : python3.9-3.9.14-1.el9.1 (AXSA:2022-4506:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4506:01 advisory. python: local privilege escalation via the multiprocessing forkserver start method CVE-2022-42919 Tenable has extracted the preceding description block...

MiracleLinux 8 : python3-3.6.8-69.el8_10.ML.1 (AXSA:2024-9057:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9057:07 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...

EUVD-2020-0170

Malware in sbrugna...

EUVD-2022-0066

Malicious code in bioql PyPI...

EUVD-2023-2755

Malicious code in bioql PyPI...

Fedora: Security Advisory (FEDORA-2025-41dc96c19a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-41382

The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

CVE-2023-43804 affecting package python3 for versions less than 3.9.19-13

CVE-2023-43804 affecting package python3 for versions less than 3.9.19-13. A patched version of the package is available...

Fedora: Security Advisory (FEDORA-2024-607a0047bc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-37370 · Pypi · Democritus-Hypothesis +1

Name of the Vulnerable Software and Affected Versions: d8s-ip-addresses version 0.1.0 Description: The d8s-ip-addresses package for python, distributed on PyPI, contains a potential code-execution backdoor. This backdoor is inserted by a third party through the democritus-hypothesis package...

CVE-2022-33000

The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29559 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29559 Source advisory: OSV:PYSEC-2021-487...

aiproteomics (=0.2.1), alpharing (>=1.0.0 <=2.0.0) +26 more potentially affected by CVE-2021-29615 via tensorflow-cpu (>=1.15.0 <=2.1.0)

tensorflow-cpu PYPI version =1.15.0, =1.0.0, =0.0.1, =1.0.0.4, =0.1.0, =0.2.3, =0.0.5, =0.1.2, =1.0.0, =1.8.2, =1.6.1, =1.8.3 - netfl =1.5.0 and more Source cves: CVE-2021-29615 Source advisory: OSV:PYSEC-2021-543...

CVE-2018-20325

There is a vulnerability in load method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution...