1497 matches found
2404-segmentation-pipeline (>=0.1.0 <=1.0.0), abdomenatlas (>=0.1.0 <=0.1.1) +57 more potentially affected by CVE-2025-58755 via monai (>=0.4.0 <=1.5.1)
monai PYPI version =0.4.0, =0.1.0, =0.1.0, =0.0.1, =1.0.0, =0.0.0, =0.0.1, =2.0.1, =0.1.5, =0.4.2, =0.1.0, =1.0.12, =1.2.7 - dicom2hdf =0.9.9 - disjoint-generation =1.0.0 - edge-research-pipeline =0.1.2 and more Source cves: CVE-2025-58755 Source advisory: OSV:PYSEC-2025-140...
An Empirical Study of Vulnerabilities in Python Packages and Their Detection
In the rapidly evolving software development landscape, Python stands out for its simplicity, versatility, and extensive ecosystem. Python packages, as units of organization, reusability, and distribution, have become a pressing concern, highlighted by the considerable number of vulnerability...
abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +651 more potentially affected by CVE-2025-10279 via mlflow (>=3.0.0rc2 <=3.4.0)
mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.10 and more Source cves: CVE-2025-10279 Source advisory: SNYK:PYTHON-MLFLOW-15170849...
aalam-common (=0.1.78), agency (>=1.0.0 <=1.1.0) +161 more potentially affected by CVE-2025-58068 via eventlet (>=0.19.0 <=0.40.1)
eventlet PYPI version =0.19.0, =1.0.0, =0.5.5, =0.61.9, =0.4.0, =2.3.0, =1.0.5, =0.6.7.post3, =0.0.17, =1.0.12, =0.1.3, =0.45.15, =0.1.6, =0.1.6.7 and more Source cves: CVE-2025-58068 Source advisory: OSV:GHSA-HW6F-RJFJ-J7J7...
Ubuntu: Security Advisory (USN-7710-1)
The remote host is missing an update for the...
5bb-task (=3.49.1rc1), aegis-stack (>=0.2.0 <=0.6.13) +157 more potentially affected by CVE-2025-55201 via copier (>=2.3.3 <=9.9.0)
copier PYPI version =2.3.3, =0.2.0, =0.1.0, =1.0.0, =0.2.0, =0.0.1b1, =0.0.1, =0.1.2, =0.1.0, =0.1.0, =0.1.0, =3.0.0, =0.5.2, =0.14.1 and more Source cves: CVE-2025-55201 Source advisory: OSV:GHSA-3XW7-V6CJ-5Q8H...
01memories (>=0.0.27 <=0.0.32), 01os (>=0.0.1 <=0.0.13) +8309 more potentially affected by CVE-2025-50817 via future (>=0.14.1 <=1.0.0)
future PYPI version =0.14.1, =0.0.27, =0.0.1, =1.0.0, =2.0.0, =0.0.2, =0.1.1, =0.9.2, =0.1.1, =0.4.24b0, =0.4.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-50817 Source advisory: SNYK:PYTHON-FUTURE-11951438...
omero-figure (=4.4.2), omero-iviewer (=0.11.2) +4 more potentially affected by CVE-2025-54791 via omero-web (=5.13.0)
omero-web PYPI version =5.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on omero-web and may be impacted: - omero-figure =4.4.2 - omero-iviewer =0.11.2 - omero-mapr =0.4.3 - omero-parade =0.2.2 - omero-signup =0.3.1 - omero-virtual-microscope =1.1....
CVE-2025-8194 vulnerabilities
Vulnerabilities for packages: python...
aioradio (=0.20.24), aisquared (>=0.2.2.dev0 <=0.2.2.dev9) +20 more potentially affected by CVE-2025-54413 via skops (>=0.10.0 <=0.11.0)
skops PYPI version =0.10.0, =0.2.2.dev0, =23.10.1, =23.8.0, =0.5.1, =1.2.15, =1.5.0, =0.4.0, =0.1.0, =1.5.0, =1.6.1 - prompt-protect =0.1.0 and more Source cves: CVE-2025-54413 Source advisory: SNYK:PYTHON-SKOPS-11023249...
aioradio (=0.20.24), aisquared (>=0.2.2.dev0 <=0.2.2.dev9) +20 more potentially affected by CVE-2025-54413 via skops (>=0.10.0 <=0.11.0)
skops PYPI version =0.10.0, =0.2.2.dev0, =23.10.1, =23.8.0, =0.5.1, =1.2.15, =1.5.0, =0.4.0, =0.1.0, =1.5.0, =1.6.1 - prompt-protect =0.1.0 and more Source cves: CVE-2025-54413 Source advisory: OSV:GHSA-4V6W-XPMH-GFGP...
Alibaba Cloud Linux 3 : 0121: python3.11 (ALINUX3-SA-2025:0121)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0121 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-12718: Allows modifying some file...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1728 more potentially affected by CVE-2025-3264 via transformers (>=2.10.0 <=4.50.3)
transformers PYPI version =2.10.0, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3264 Source advisory: OSV:GHSA-JJPH-296X-MRCR...
ace-step (=0.1.0), agent-memory-jojo (=0.1.3) +164 more potentially affected by CVE-2025-3262 via transformers (>=4.49.0 <=4.50.3)
transformers PYPI version =4.49.0, =3.2.0, =2.2.0, =0.0.5, =2026.3.1, =0.1.0, =1.2.1b20250404, =1.2.1b20250404, =1.2.1b20250404, =0.1.2, =0.1.8 - azureml-metrics =0.0.25.post1 and more Source cves: CVE-2025-3262 Source advisory: OSV:GHSA-489J-G2VX-39WF...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +42 more potentially affected by CVE-2025-5472 via llama-index (>=0.10.0 <=0.12.36)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =1.0.23.post1 and more Source cves: CVE-2025-5472 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645587...
aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-5472 via llama-index-core (>=0.10.0 <=0.12.37)
llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-5472 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-10645586...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1800 more potentially affected by CVE-2025-3777 via transformers (>=2.10.0 <=4.51.3)
transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3777 Source advisory: SNYK:PYTHON-TRANSFORMERS-10658536...
RHEL 9 : python3.9 (RHSA-2025:10399)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10399 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
MAL-2025-191733 Malicious code in fonafx (PyPI)
Source: kam193 9441463f029726ea263225e9b0092d82b049e2d7a4e059becd24f5e23c70a906 Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
GHSA-J5CC-6RX8-FF96 vulnerabilities
Vulnerabilities for packages: python...