Lucene search
K

7044 matches found

PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

Gradio Vulnerable to Arbitrary File Deletion

A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an attacker can reset...

8.2CVSS7.3AI score0.0067EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

Aim Vulnerable to Denial of Service (DoS)

In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests...

7.5CVSS5.9AI score0.00588EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Exiv2 allows Use After Free

ImpactA heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are not affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered when...

9.8CVSS6.2AI score0.00816EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.5 views

Jinja2 vulnerable to sandbox breakout through attr filter selecting format method

An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code.To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on...

8.8CVSS6.2AI score0.00476EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.4 views

Spotipy's cache file, containing spotify auth token, is created with overly broad permissions

SummaryThe CacheHandler class creates a cache file to store the auth token here: https://github.com/spotipy-dev/spotipy/blob/master/spotipy/cachehandler.pyL93-L98The file created has rw-r--r-- 644 permissions by default, when it could be locked down to rw------- 600 permissions. I think 600 is a...

9.8CVSS5.9AI score0.00589EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

CodeChecker open redirect when URL contains multiple slashes after the product name

Summary---CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect...

6.1CVSS5.9AI score0.00246EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.5 views

Spacy-LLM Server-Side Template Injection (SSTI) vulnerability

A Server-Side Template Injection SSTI vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field...

9.8CVSS6.3AI score0.00728EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.5 views

copyparty renders unsanitized filenames as HTML when user uploads empty files

SummaryA DOM-Based XSS was discovered in copyparty, a portable fileserver. The vulnerability is considered low-risk. DetailsBy handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execute arbitrary javascript with the...

6.1CVSS6.1AI score0.00426EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Azure PromptFlow remote code execution related to Jinja templates

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

6.5CVSS6.1AI score0.00492EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

Apache Airflow MySQL Provider is Vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Airflow MySQL Provider.When user triggered a DAG with dumpsql or loadsql functions they could pass a table parameter from a UI, that could cause SQL injection by running SQL that was not...

6.3CVSS6AI score0.00797EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

XPixelGroup BasicSR Command Injection

XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURMNODELIST environment variable...

5.3CVSS6.4AI score0.00191EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Malciously crafted QPY files can allows Remote Attackers to Cause Denial of Service in Qiskit

ImpactA maliciously crafted QPY file containing a malformed symengine serialization stream as part of the larger QPY serialization of a ParameterExpression object can cause a segfault within the symengine library, allowing an attacker to terminate the hosting process deserializing the QPY payload...

8.6CVSS5.9AI score0.0066EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.5 views

Label Studio has a Path Traversal Vulnerability via image Field

DescriptionA path traversal vulnerability in Label Studio SDK versions prior to 1.0.10 allows unauthorized file access outside the intended directory structure. Label Studio versions before 1.16.0 specified SDK versions prior to 1.0.10 as dependencies, and the issue was confirmed in Label Studio...

8.7CVSS6.2AI score0.00739EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.5 views

Vulnerable OpenSSL included in cryptography wheels

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.If you are...

6.3CVSS6.1AI score0.02439EPSS
Exploits0References11Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Home Assistant does not correctly validate SSL for outgoing requests in core and used libs

SummaryProblem: Potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. DetailsIn the past, aiohttp-session/request had the parameter verifyssl to control SSL certificate verification. This was a boolean value. In...

7CVSS6AI score0.00229EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

nbgrader's `frame-ancestors: self` grants all users access to formgrader

ImpactEnabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomains = False.1915 disables a protection which would...

8.6CVSS6AI score0.00453EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint

DescriptionLabel Studio's S3 storage integration feature contains a Server-Side Request Forgery SSRF vulnerability in its endpoint configuration. When creating an S3 storage connection, the application allows users to specify a custom S3 endpoint URL via the s3endpoint parameter. This endpoint UR...

8.6CVSS6.1AI score0.00644EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.5 views

MobSF Partial Denial of Service (DoS)

Partial Denial of Service DoSProduct: MobSFVersion: v4.2.9CWE-ID: CWE-1287: Improper Validation of Specified Type of InputCVSS vector v.4.0: 6.9 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:NCVSS vector v.3.1: 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HDescription: DoS in the Scans Results an...

7.1CVSS6AI score0.00448EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

MobSF Stored Cross-Site Scripting (XSS)

Product: MobSFVersion: 4.3.1CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'CVSS vector v.4.0: 8.5 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:NCVSS vector v.3.1: 8.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:NDescription: Stored XSS in the iOS...

8.6CVSS6AI score0.00373EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.4 views

Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0

ImpactThe Keylime registrar implemented more strict type checking on version 7.12.0. As a result, when updated to version 7.12.0, the registrar will not accept the format of the data previously stored in the database by versions = 7.8.0, raising an exception.This makes the Keylime registrar...

4.3CVSS6AI score0.00365EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Label Studio allows Cross-Site Scripting (XSS) via GET request to `/projects/upload-example` endpoint

DescriptionLabel Studio's /projects/upload-example endpoint allows injection of arbitrary HTML through a GET request with an appropriately crafted labelconfig query parameter. By crafting a specially formatted XML label config with inline task data containing malicious HTML/JavaScript, an attacke...

6.1CVSS6.3AI score0.0185EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

MobSF Local Privilege Escalation

Product: Mobile Security Framework MobSFVersion: 4.3.0CWE-ID: CWE-269: Improper Privilege ManagementCVSS vector v.4.0: 7.1 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:NCVSS vector v.3.1: 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NDescription: MobSF has a functionality of dividing users by...

8.5CVSS6AI score0.00348EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.4 views

CKAN has an XSS vector in user uploaded images in group/org and user profiles

ImpactUsing a specially crafted file, a user could potentially upload a file containing code that when executed could send arbitrary requests to the server. If that file was opened by an administrator, it could lead to escalation of privileges of the original submitter or other malicious actions...

7.3CVSS5.9AI score0.00442EPSS
Exploits0References11Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Mitmweb API Authentication Bypass Using Proxy Server

ImpactIn mitmweb 11.1.0 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal API bound to 127.0.0.1:8081 by default. In other words, while the client cannot access the API directly good, they can access the API through the proxy bad. ...

8.2CVSS6.1AI score0.00817EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape

SummaryIf an attacker can control the input to the asteval library, they can bypass asteval's restrictions and execute arbitrary Python code in the context of the application using the library. DetailsThe vulnerability is rooted in how asteval performs handling of FormattedValue AST nodes. In...

8.4CVSS6.2AI score0.00229EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter

ImpactVia a type confusion bug in the CPython interpreter when using try/except RestrictedPython could be bypassed.We believe this should be fixed upstream in Python itself until that we remove support for try/except from RestrictedPython.It has been fixed for some Python versions. PatchesPatched...

7.9CVSS5.9AI score0.00388EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Indico Insecure Access

A Broken Object Level Authorization BOLA vulnerability in Indico v3.2.9 allows attackers to access sensitive information via sending a crafted POST request to the component /api/principals...

7.5CVSS5.9AI score0.00603EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Composio Command Execution vulnerability

composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...

6.4CVSS6AI score0.00584EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

khoj has an IDOR in subscription management allows unauthorized subscription modifications

SummaryAn Insecure Direct Object Reference IDOR vulnerability in the updatesubscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. DetailsThe vulnerability exists in the subscription endpoint at...

4.3CVSS5.9AI score0.00373EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

NiceGUI On Air authentication issue

SummaryOnce a user logins to one browser, all other browsers are logged in without entering password. Even incognito mode. Impacthigh...

7.5CVSS5.9AI score0.00374EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.10 views

Letta (previously MemGPT) incorrect access control vulnerability

Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...

7.5CVSS5.9AI score0.00392EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal

SummaryImproper input validation in the application can allow attackers to perform local file read LFR or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or...

8.6CVSS5.9AI score0.00691EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

Vulnerability SummaryA type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations Django, SQLAlchemy, Pydantic. The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node...

3.7CVSS6AI score0.00368EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

GHSL-2024-288: SickChill open redirect in login

SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open...

4.8CVSS6AI score0.00951EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

pgAdmin has Incorrect Default Permissions

A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...

8CVSS5.8AI score0.00447EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.8 views

Apache Airflow Fab Provider Insufficient Session Expiration vulnerability

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.This issue affects Apache Airflow Fab Provider: before 1.5.2.When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

8.1CVSS5.9AI score0.00936EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

sigstore has insufficient validation of integration timestamp during verification

SummaryVersions of sigstore-python newer than 2.0.0 but prior to 3.6.0 perform insufficient validation of the "integration time" present in "v2" and "v3" bundles during the verification flow: the "integration time" is verified if a source of signed time such as an inclusion promise is present, bu...

6.9CVSS6AI score0.0024EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

python-sql SQL injection vulnerability

A vulnerability was found in python-sql where unary operators do not escape non-Expression like And and Or which makes any system exposing those vulnerable to an SQL injection attack...

6.5CVSS6.6AI score0.00677EPSS
Exploits0References11Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

Jinja has a sandbox breakout through malicious filenames

A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used.To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether...

8.8CVSS6.2AI score0.00301EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Koji Cross-site Scripting

A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...

5.4CVSS6AI score0.0029EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

python-libarchive directory traversal

python-libarchive through 4.2.1 allows directory traversal to create files in extract in zip.py for ZipFile.extractall and ZipFile.extract...

8.8CVSS5.9AI score0.02041EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Amazon Redshift Python Connector vulnerable to SQL Injection

SummaryA SQL injection in the Amazon Redshift Python Connector in version 2.1.4 allows a user to gain escalated privileges via schema injection in the getschemas, gettables, or getcolumns Metadata APIs. Users should upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. ImpactA SQ...

8.6CVSS6AI score0.0052EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

unstructured XML External Entity (XXE)

unstructured v.0.14.2 and before is vulnerable to XML External Entity XXE via the XMLParser...

9.8CVSS5.9AI score0.00545EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

PGHoard Path Traversal vulnerability

A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on the permissions/privileges assigned to pghoard, this could allow disclosure of sensitive information...

6.5CVSS5.8AI score0.00414EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

Jinja has a sandbox breakout through indirect reference to format method

An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code.To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the...

7.8CVSS6.2AI score0.005EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access

Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access cancraft a specially designed SQL DML statementthat is Incorrectly identified as a read-only query, enabling its execution. Non postgres analytics database connections and postgr...

7.1CVSS6AI score0.02562EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.7 views

pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

pyrage uses the Rust age crate for its underlying operations, and age is vulnerable to GHSA-4fg7-vxc8-qx5w.All details of GHSA-4fg7-vxc8-qx5w are relevant to pyrage for the versions specified in this advisory. See GHSA-4fg7-vxc8-qx5w for full details.Versions of pyrage before 1.2.0 lack plugin...

9.8CVSS5.9AI score0.00481EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

D-Tale allows Remote Code Execution through the Custom Filter Input

ImpactUsers hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. PatchesUsers should upgrade to version 3.16.1 where the update-settings endpoint blocks the ability for users to update the enablecustomfilters flag. You can find...

6.9CVSS6.7AI score0.01063EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Synapse Matrix has a partial room state leak via Sliding Sync

ImpactThe Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. PatchesSynapse version 1.120.1 fixes the problem. WorkaroundsDisable Sliding Sync...

4.3CVSS6AI score0.00427EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 2:34 p.m.6 views

Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled

Improper Authorization vulnerability in Apache Superset whenFABADDSECURITYAPI is enabled disabled by default. Allows for lower privilege users to use this API.issue affects Apache Superset: from 2.0.0 before 4.1.0.Users are recommended to upgrade to version 4.1.0, which fixes the issue...

7.6CVSS5.9AI score0.00653EPSS
Exploits0References7Affected Software1
Total number of security vulnerabilities7044