Lucene search
K
PypaMost viewed

5616 matches found

PyPA
PyPA
added 2 days ago3 views

Apache Airflow Providers FAB Insufficient Session Expiration vulnerability

Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB.This issue affects Apache Airflow Providers FAB: 1.2.1 when used with Apache Airflow 2.9.3 and FAB 1.2.0 for all Airflow versions. The FAB provider prevented the user from logging out. FAB provider 1.2.1 only affected...

9.8CVSS6AI score0.00921EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2 days ago3 views

Aim Stored Cross-site Scripting Vulnerability

A stored cross-site scripting XSS vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML...

7.2CVSS5.8AI score0.00282EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Ankitects Anki LaTeX Blocklist Bypass vulnerability

A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability...

4.3CVSS6.1AI score0.12111EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 2 days ago3 views

LoLLMS vulnerable to Expected Behavior Violation

A path traversal vulnerability exists in the applysettings function of parisneo/lollms versions prior to 9.5.1. The sanitizepath function does not adequately secure the discussiondbname parameter, allowing attackers to manipulate the path and potentially write to important system folders...

7.3CVSS5.9AI score0.00265EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference

RAIL documents are an XML-based format invented by Guardrails AI to enforce formatting checks on LLM outputs. Guardrails users that consume RAIL documents from external sources are vulnerable to XXE, which may cause leakage of internal file data via the SYSTEM entity...

8.2CVSS5.9AI score0.00408EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2 days ago3 views

Ankitects Anki arbitrary script execution vulnerability

An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...

9.6CVSS6.4AI score0.15067EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2 days ago3 views

Calibre-Web Cross Site Scripting (XSS)

In janeczku Calibre-Web 0.6.0 to 0.6.21, the editbookcomments function is vulnerable to Cross Site Scripting XSS due to improper sanitization performed by the cleanstring function. The vulnerability arises from the way the cleanstring function handles HTML sanitization...

5.4CVSS5.9AI score0.22894EPSS
Exploits4References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

setuptools vulnerable to Command Injection via package URL

A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...

8.8CVSS7.6AI score0.01939EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2 days ago3 views

OpaMiddleware does not filter HTTP OPTIONS requests

SummaryHTTP OPTIONS requests are always allowed by OpaMiddleware, even when they lack authentication, and are passed through directly to the application.The maintainer uncertain whether this should be classed as a "bug" or "security issue" – but is erring on the side of "security issue" as an...

6.9CVSS5.9AI score0.00563EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2 days ago3 views

Weblate vulnerable to improper sanitization of project backups

ImpactWeblate didn't correctly validate filenames when restoring project backup. It may be possible to gain unauthorized access tofiles on the server using a crafted ZIP file. PatchesThis issue has been addressed in Weblate 5.6.2 via...

5.4CVSS5.9AI score0.00315EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Local File Inclusion in Solara

A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...

8.6CVSS7.3AI score0.02884EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Vanna vulnerable to SQL Injection

vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in some file-critical functions such as pgreadfile. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like /etc/passwd, by exploiting the exposed SQL...

8.7CVSS7.3AI score0.00604EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Sentry's Python SDK unintentionally exposes environment variables to subprocesses

ImpactThe bug in Sentry's Python SDK subprocess.checkoutput"env", env="TEST":"1"b'TEST=1\n'If you'd want to not pass any variables, you can set an empty dict: subprocess.checkoutput"env", env=b''However, the bug in Sentry SDK 2.8.0 causes all environment variables to be passed to the subprocesses...

5.3CVSS6AI score0.00198EPSS
Exploits0References13Affected Software1
PyPA
PyPA
added 2 days ago3 views

yt-dlp File system modification and RCE through improper file-extension sanitization

Summaryyt-dlp does not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp also reads config from the working directory and on Windows executables will be executed from the yt-dlp...

7.8CVSS6.3AI score0.00322EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 2 days ago3 views

lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE

A path traversal vulnerability in the /setpersonalityconfig endpoint of parisneo/lollms version 9.4.0 allows an attacker to overwrite the configs/config.yaml file. This can lead to remote code execution by changing server configuration properties such as forceacceptremoteaccess and...

7.4CVSS6.6AI score0.00444EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

zipp Denial of Service vulnerability

A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the...

6.9CVSS6.8AI score0.00236EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Aim denial of service vulnerability

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections...

8.7CVSS6AI score0.00573EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Apache Superset vulnerable to improper SQL authorization

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

9.8CVSS6AI score0.04433EPSS
Exploits2References7Affected Software1
PyPA
PyPA
added 2 days ago3 views

Open redirect in gradio

An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting XSS, Server-Side Request Forgery SSRF, amongst others. This...

6.1CVSS6.3AI score0.01021EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Apache Superset server arbitrary file read

Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with localinfile enabled. If both the MariaDB server off by default and the local mysql client on the web server are set to allow for local infile, it's possible for the...

6.8CVSS6.1AI score0.01571EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

lollms vulnerable to dot-dot-slash path traversal in XTTS server

A path traversal vulnerability exists in the XTTS server of the parisneo/lollms package version v9.6. This vulnerability allows an attacker to write audio files to arbitrary locations on the system and enumerate file paths. The issue arises from improper validation of user-provided file paths in...

7.3CVSS7.2AI score0.0052EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Path traversal in saltstack

A specially crafted url can be created which leads to a directory traversal in the salt file server.A malicious user can read an arbitrary file from a Salt master’s filesystem...

7.7CVSS7.1AI score0.0083EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Directory creation by malicious user in saltstack

Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can leada malicious attacker to create an arbitrary directory on a Salt master...

5CVSS6.2AI score0.00693EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Remote Code Execution in create_conda_env function in lollms

A remote code execution vulnerability exists in the createcondaenv function of the parisneo/lollms repository. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the envname and pythonversion...

6.8CVSS7.5AI score0.00446EPSS
Exploits2References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

js2py allows remote code execution

An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call...

8.8CVSS6.2AI score0.04548EPSS
Exploits22References7Affected Software1
PyPA
PyPA
added 2 days ago3 views

Cross-site Scripting in djangorestframework

Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting XSS via the breaklongheaders template filter due to improper input sanitization before splitting and joining with tags...

6.1CVSS5.9AI score0.01133EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2 days ago3 views

SQL injection in litellm

A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the 'userid' parameter in the raw SQL query used for deleting users. An attacker can exploit this vulnerability b...

4.9CVSS6AI score0.0056EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements

ImpactA cross-site scripting XSS vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. PatchesThis vulnerability has been patched in TinyMCE 7.2.0,...

6.1CVSS5.9AI score0.00529EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2 days ago3 views

urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects

When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected.However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...

6.5CVSS6.8AI score0.01141EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2 days ago3 views

document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection

ImpactWhat kind of vulnerability is it? Who is impacted?A remote code execution RCE via server-side template injection SSTI allows for user supplied code to be executed in the server's context where it is executed as the document-merge-server user with the UID 901 thus giving an attacker...

7.2CVSS6.5AI score0.01031EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Globus `identity_provider` restriction ignored when used with `allow_all` in JupyterHub 5.0

ImpactJupyterHub 5.0, when used with GlobusOAuthenticator, could be configured to allow all users from a particular institution only. The configuration for this would look like:python Require users to be using the "foo.horse" identity provider, often an institution or...

8.1CVSS6AI score0.00405EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2 days ago3 views

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

6.8CVSS5.9AI score0.00788EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2 days ago3 views

TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option

ImpactA cross-site scripting XSS vulnerability was discovered in TinyMCE’s content extraction code. When using the noneditableregexp option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. PatchesThis vulnerability h...

6.1CVSS5.9AI score0.00529EPSS
Exploits0References11Affected Software1
PyPA
PyPA
added 2 days ago3 views

Arbitrary file deletion in litellm

BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes...

8.1CVSS6.2AI score0.00614EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Invalid char to bool conversion when printing a tensor

ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...

7.5CVSS7.1AI score0.00389EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2 days ago3 views

ydata unsafe deserialization

Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when loaded...

7.8CVSS7.4AI score0.00239EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

ydata unsafe deserialization

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when loaded...

7.8CVSS6.3AI score0.00239EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Skops unsafe deserialization

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded...

7.8CVSS7.4AI score0.00239EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS6.3AI score0.00618EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow improper input validation

Remote Code Execution can occur in versions of the MLflow platform running version 1.11.0 or newer, enabling a maliciously crafted MLproject to execute arbitrary code on an end user’s system when run due to unfiltered input...

8.8CVSS6.5AI score0.00884EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.0.0rc0 or newer, enabling a maliciously uploaded Tensorflow model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS6.3AI score0.00618EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever

A Server-Side Request Forgery SSRF vulnerability exists in the Web Research Retriever component in langchain-community langchain-community.retrievers.webresearch.WebResearchRetriever. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet...

7.7CVSS6.3AI score0.00691EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2 days ago3 views

PyMongo Out-of-bounds Read in the bson module

Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the...

8.1CVSS6.6AI score0.00663EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.27.0 or newer, enabling a maliciously crafted Recipe to execute arbitrary code on an end user’s system when run...

8.8CVSS6.4AI score0.00769EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploaded scikit-learn model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS6.3AI score0.00618EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS6.3AI score0.00697EPSS
Exploits5References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling a maliciously uploaded scikit-learn model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS6.3AI score0.00618EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2 days ago3 views

Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`

ImpactDue to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, even when they have not been granted permission over the model. Th...

5.5CVSS6.1AI score0.0033EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

path traversal vulnerability was identified in the parisneo/lollms-webui

A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically within version 9.6. The vulnerability arises due to improper handling of user-supplied input in the 'listpersonalities' endpoint. By crafting a malicious HTTP request, an attacker can traverse the...

4CVSS6.1AI score0.00285EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2 days ago3 views

Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files

ImpactThis CVE covers the ability of 3rd party websites to access routes and upload files to users running Gradio applications locally. For example, the malicious owners of www.dontvisitme.com could put a script on their website that uploads a large file to http://localhost:7860/upload and anyone...

4.3CVSS5.9AI score0.00352EPSS
Exploits1References8Affected Software1
Total number of security vulnerabilities5000