adclaw (>=1.0.0 <=1.0.4), agentloop-sdk (>=0.3.0 <=0.4.0) +23 more potentially affected by CVE-2024-8438 via agentscope (>=1.0.10 <=1.0.19.post1)

agentscope PYPI version =1.0.10, =1.0.0, =0.3.0, =0.1.0, =0.2.0, =0.1.5, =1.0.0.post2, =0.1.0, =0.1.0, =0.1.0.post1, =0.2.0, =0.4.0, =0.1.6, =0.1.0, =0.1.2 and more Source cves: CVE-2024-8438 Source advisory: OSV:PYSEC-2025-80...

adclaw (>=1.0.0 <=1.0.4), agentloop-sdk (>=0.3.0 <=0.4.0) +23 more potentially affected by CVE-2024-8487 via agentscope (>=1.0.10 <=1.0.19.post1)

agentscope PYPI version =1.0.10, =1.0.0, =0.3.0, =0.1.0, =0.2.0, =0.1.5, =1.0.0.post2, =0.1.0, =0.1.0, =0.1.0.post1, =0.2.0, =0.4.0, =0.1.6, =0.1.0, =0.1.2 and more Source cves: CVE-2024-8487 Source advisory: OSV:PYSEC-2025-81...

acquantum-qiskit (>=0.0.1 <=0.0.3), aer-plugin (>=0.0.1 <=0.0.2) +161 more potentially affected by CVE-2025-2000 via qiskit (>=0.18.3 <=1.4.0)

qiskit PYPI version =0.18.3, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.1.4, =0.0.1, =0.6.0, =0.0.0, =2.0.0, =0.0.3, =0.0.2, =0.1.0, =0.1.0.3 and more Source cves: CVE-2025-2000 Source advisory: SNYK:PYTHON-QISKIT-9459043...

Updated python-jinja2 packages fix security vulnerability

Jinja sandbox breakout through attr filter selecting format method. CVE-2025-27516...

abgrouponline (>=1.0.0 <=1.0.4), abismal (>=0.0.6 <=0.0.7) +1594 more potentially affected by CVE-2025-1550 via keras (>=3.0.0 <=3.7.0)

keras PYPI version =3.0.0, =1.0.0, =0.0.6, =0.0.1, =0.0.1, =0.0.3, =0.3.0, =0.0.1, =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.3.0 - aegis-model =0.1.0 and more Source cves: CVE-2025-1550 Source advisory: OSV:PYSEC-2025-122...

Linux Distros Unpatched Vulnerability : CVE-2022-48560

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free exists in Python through 3.9 via heappushpop in heapq. CVE-2022-48560 Note that Nessus relies on the presence of the package as reported by the...

Linux Distros Unpatched Vulnerability : CVE-2022-40897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageInd...

Linux Distros Unpatched Vulnerability : CVE-2019-9947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...

Linux Distros Unpatched Vulnerability : CVE-2019-9740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...

Linux Distros Unpatched Vulnerability : CVE-2013-7040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the abili...

PYSEC-2025-18

picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package hosted, for example, on pypi.org or GitHub via pip.main. Because pip is not a restricted global, the model, when scanned with picklesca...

Malicious code in acloud-clients (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 89813876cca364b0dffda624005d527aa3c9f54ea7ce20af8186faf8f374ba6f This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

MAL-2025-191904 Malicious code in time-server-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8a160dff2a937ad50482cc2b8c8bcd1b7e7c37aefb584bd26515edfecdd4052f This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

MAL-2025-191905 Malicious code in time-service-checker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92ae5fc73fd7cc45d02ba02f6c3b667d155f681ba74262d66421edee5f19d237 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

GHSA-QXG5-MCMP-M3M9 vulnerabilities

Vulnerabilities for packages: python...

GHSA-PH84-RCJ2-FXXM vulnerabilities

Vulnerabilities for packages: python...

GHSA-QXG5-MCMP-M3M9 vulnerabilities

Vulnerabilities for packages: python...

GHSA-MMM5-WGVP-WP8R vulnerabilities

Vulnerabilities for packages: python...

GHSA-Q98G-HXG3-268C vulnerabilities

Vulnerabilities for packages: python...

GHSA-MH6Q-V4MP-2CC7 vulnerabilities

Vulnerabilities for packages: python...