01os (=0.0.14), 3-04-2025-ttm (=0.1.0) +10915 more potentially affected by CVE-2025-14930 via transformers (>=2.10.0 <=5.8.0)

transformers PYPI version =2.10.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev1, =0.1.0, =0.10.11, =0.5.5, =0.0.4.80, =3.4.6 - aait-store-cut-part-001 =0.0.1 and more Source cves: CVE-2025-14930 Source advisory: SNYK:PYTHON-TRANSFORMERS-14563374...

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +64 more potentially affected by CVE-2025-12840 via openexr (=3.4.11)

openexr PYPI version =3.4.11 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...

3m (>=0.1.1 <=0.1.3), 4dpocket (>=0.1.3 <=0.1.4) +8077 more potentially affected by CVE-2025-14930 via transformers (>=5.0.0 <=5.8.0)

transformers PYPI version =5.0.0, =0.1.1, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev1, =0.1.0, =2.3.15.994, =3.4.6 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 - aait-store-cut-part-003 =0.0.1 - aait-store-cut-part-004 =0.0.1 - aait-store-cut-part-005 =0.0.1 -...

allennlp (>=1.0.0 <=1.1.0rc1.dev20200709), allennlp-models (>=1.0.0 <=1.1.0rc1.dev20200709) +35 more potentially affected by CVE-2025-14928 via transformers (>=2.10.0 <=2.11.0)

transformers PYPI version =2.10.0, =1.0.0, =1.0.0, =0.0.1, =0.1.2, =0.1.3, =0.5.2, =0.1.2, =3.0.1, =0.1.0, =1.8.0, =0.12.2.dev2, =0.12.2.dev4 and more Source cves: CVE-2025-14928 Source advisory: OSV:PYSEC-2025-216...

allennlp (>=1.0.0 <=1.1.0rc1.dev20200709), allennlp-models (>=1.0.0 <=1.1.0rc1.dev20200709) +35 more potentially affected by CVE-2025-14930 via transformers (>=2.10.0 <=2.11.0)

transformers PYPI version =2.10.0, =1.0.0, =1.0.0, =0.0.1, =0.1.2, =0.1.3, =0.5.2, =0.1.2, =3.0.1, =0.1.0, =1.8.0, =0.12.2.dev2, =0.12.2.dev4 and more Source cves: CVE-2025-14930 Source advisory: OSV:PYSEC-2025-218...

adamix-gpt2 (>=0.0.1 <=0.0.2), allennlp (>=1.1.0 <=1.2.2) +67 more potentially affected by CVE-2025-14930 via transformers (>=3.0.0 <=3.5.1)

transformers PYPI version =3.0.0, =0.0.1, =1.1.0, =1.1.0, =0.0.2, =0.0.1, =0.0.7, =0.7.1, =0.2.4, =51.0.1, =0.0.1, =0.2.0, =0.4.1 and more Source cves: CVE-2025-14930 Source advisory: OSV:PYSEC-2025-218...

3m (>=0.1.1 <=0.1.3), 4dpocket (>=0.1.3 <=0.1.4) +8077 more potentially affected by CVE-2025-14924 via transformers (>=5.0.0 <=5.8.0)

transformers PYPI version =5.0.0, =0.1.1, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev1, =0.1.0, =2.3.15.994, =3.4.6 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 - aait-store-cut-part-003 =0.0.1 - aait-store-cut-part-004 =0.0.1 - aait-store-cut-part-005 =0.0.1 -...

3m (>=0.1.1 <=0.1.3), 4dpocket (>=0.1.3 <=0.1.4) +8077 more potentially affected by CVE-2025-14927 via transformers (>=5.0.0 <=5.8.0)

transformers PYPI version =5.0.0, =0.1.1, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev1, =0.1.0, =2.3.15.994, =3.4.6 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 - aait-store-cut-part-003 =0.0.1 - aait-store-cut-part-004 =0.0.1 - aait-store-cut-part-005 =0.0.1 -...

allennlp (>=1.0.0 <=1.1.0rc1.dev20200709), allennlp-models (>=1.0.0 <=1.1.0rc1.dev20200709) +35 more potentially affected by CVE-2025-14920 via transformers (>=2.10.0 <=2.11.0)

transformers PYPI version =2.10.0, =1.0.0, =1.0.0, =0.0.1, =0.1.2, =0.1.3, =0.5.2, =0.1.2, =3.0.1, =0.1.0, =1.8.0, =0.12.2.dev2, =0.12.2.dev4 and more Source cves: CVE-2025-14920 Source advisory: OSV:PYSEC-2025-211...

ab-tune (=0.1.0), abasedzne (=2.0.0.dev2) +529 more potentially affected by CVE-2025-68463 via biopython (>=1.0.0a4 <=1.86.0)

biopython PYPI version =1.0.0a4, =0.1.0, =0.5.1, =0.4.1, =1.0.0.0, =0.0.1, =0.2.0, =0.1.0, =0.1.7, =0.21.2, =1.0.0, =2.0.0 - ambie =0.6.3 and more Source cves: CVE-2025-68463 Source advisory: SNYK:PYTHON-BIOPYTHON-14535734...

RockyLinux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2023:2764)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2764 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS CVE-2020-10735 python: open redirection...

RHEL 8 : python39:3.9 (RHSA-2025:23530)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23530 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

GHSA-HFQX-732W-XRRW vulnerabilities

Vulnerabilities for packages: python...

CVE-2025-12084 vulnerabilities

Vulnerabilities for packages: python...

GHSA-HFQX-732W-XRRW vulnerabilities

Vulnerabilities for packages: python...

a-mailx (=0.1.0), ai-security-analyzer (>=0.0.45 <=0.0.55) +16 more potentially affected by CVE-2025-67644 via langgraph-checkpoint-sqlite (>=1.0.4 <=3.0.0)

langgraph-checkpoint-sqlite PYPI version =1.0.4, =0.0.45, =0.1.0a2, =0.4.3, =0.1.0a1, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.14 - my-agent =0.1.0 - novachain =0.1.0 - paper-sage =1.0.5 and more Source cves: CVE-2025-67644 Source advisory: OSV:GHSA-9RWJ-6RC7-P77C...

CVE-2025-13428 RCE in SecOps SOAR server via user-provided Python packages

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +113 more potentially affected by CVE-2025-13372 via django (>=4.2.0 <=4.2.26)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2025-13372 Source advisory: OSV:GHSA-RQW2-GHQ9-44M7...

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1418 more potentially affected by CVE-2025-13372 via django (>=5.2.0 <=5.2.8)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.0.13, =1.2.7 and more Source cves: CVE-2025-13372 Source advisory: OSV:GHSA-RQW2-GHQ9-44M7...

1xn-vmcp (>=0.5.2 <=0.6.1), a2c-smcp (>=0.1.1rc0 <=0.1.5) +400 more potentially affected by CVE-2025-66416 via mcp (>=1.0.0 <=1.22.0)

mcp PYPI version =1.0.0, =0.5.2, =0.1.1rc0, =0.7.2, =1.1.0, =1.1.0, =1.0.0, =1.0.0, =0.4.0, =0.0.19, =1.0.0, =3.2.0, =3.2.0, =4.2.2, =4.3.3 and more Source cves: CVE-2025-66416 Source advisory: SNYK:PYTHON-MCP-14171912...