Lucene search
K

7044 matches found

PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

pyspider Cross-Site Request Forgery (CSRF) via the Flask endpoints

binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery CSRF via the Flask endpoints...

8.8CVSS5.9AI score0.00223EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders

ImpactIn Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for processing.This significantly expands t...

9.1CVSS6AI score0.00625EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality

SummaryThe application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to the system. When users in the application use the "Diff or Compare" functionality, they are affected by a Stored Cross-Site Scripting vulnerability...

8.1CVSS5.9AI score0.00508EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. This issue is a follow-up toCVE-2024-39887 wi...

9.8CVSS6AI score0.00806EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Synapse allows unsupported content types to lead to memory exhaustion

ImpactIn Synapse before 1.120.1, multipart/form-data requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks. PatchesSynapse 1.120.1 resolves the issue by denying...

8.2CVSS6AI score0.00715EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Python package "zhmcclient" stores passwords in clear text in its HMC and API logs

ImpactThe Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs in the following cases: The 'boot-ftp-password' and 'ssc-master-pw' properties when creating or updating a partition in DPM mode, in the zhmcclient API and HMC logs The 'ssc-master-pw' an...

8.2CVSS5.9AI score0.00135EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Apache Superset: Error verbosity exposes metadata in analytics databases

Generation of Error Message Containing analytics metadata Information in Apache Superset.This issue affects Apache Superset: before 4.1.0.Users are recommended to upgrade to version 4.1.0, which fixes the issue...

5.3CVSS5.9AI score0.00787EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Synapse allows a a malformed invite to break the invitee's `/sync`

ImpactSynapse versions before 1.120.1 fail to properly validate invites received over federation. This vulnerability allows a malicious server to send a specially crafted invite that disrupts the invited user's /sync functionality. PatchesSynapse 1.120.1 rejects such invalid invites received over...

8.7CVSS6AI score0.00547EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

PyJWT Issuer field partial matches allowed

SummaryThe wrong string if check is run for iss checking, resulting in "acb" being accepted for "abc". DetailsThis is a bug introduced in version 2.10.0: checking the "iss" claimchanged from isinstanceissuer, list to isinstanceissuer,Sequence.diff- if isinstanceissuer, list:+ if isinstanceissuer,...

7.5CVSS6AI score0.0081EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•8 views

Denial of service (DoS) via deformation `multipart/form-data` boundary

SummaryWhen parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause excessive logging for certain inputs.An attacker could...

8.7CVSS6AI score0.00644EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API

SummaryThe user invite acceptance API endpoint lacks server-side password policy enforcement, allowing users to set arbitrarily weak passwords by bypassing client-side validation. While the UI enforces password complexity requirements, direct API calls can circumvent these checks, enabling the...

8.8CVSS5.8AI score0.00536EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Django Filer Unrestricted Upload of File with Dangerous Type

Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3....

5.5CVSS5.9AI score0.0034EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

pyspider Cross-site Scripting vulnerability

pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS5.9AI score0.00403EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•8 views

OpenStack Neutron can use an incorrect ID during policy enforcement

In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change add and clear tags on network objects that do not belong to the tenant...

7.5CVSS6AI score0.00695EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Tornado has an HTTP cookie parsing DoS vulnerability

The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.See...

7.5CVSS5.9AI score0.01051EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

libre-chat Path Traversal vulnerability

An issue in the uploaddocuments method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file...

9.1CVSS6.1AI score0.00762EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

check-jsonschema default caching for remote schemas allows for cache confusion

ImpactThe default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. https://example.org/schema.json will be stored as schema.json. This naming allows for conflicts. If an attacker can get a user to run check-jsonschema against a malicious schema URL,...

7.1CVSS5.9AI score0.00142EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•9 views

LLama Factory Remote OS Command Injection Vulnerability

SummaryA critical remote OS command injection vulnerability has been identified in the Llama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on the host system. The issue is caused by insecure usa...

9.8CVSS6.2AI score0.02273EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

aiohttp has a memory leak when middleware is enabled when requesting a resource with a non-allowed method

SummaryA memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each MatchInfoError producing a unique cache entry. ImpactIf the user is making use of any middlewares with aiohttp.web then it is advisab...

8.7CVSS5.9AI score0.00563EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

django CMS Attributes Field Cross-site Scripting

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS.This issue affects django CMS Attributes Fields: before 4.0...

6.9CVSS5.9AI score0.00458EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Litestar allows unbounded resource consumption (DoS vulnerability)

SummaryLitestar offers multiple methods to return a parsed representation of the request body, as well as extractors that rely on those parsers to map request content to structured data types. Multiple of those parsers do not have size limits when reading the request body into memory, which allow...

8.2CVSS5.9AI score0.00756EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

aiohttp allows request smuggling due to incorrect parsing of chunk extensions

SummaryThe Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under certain conditions. ImpactIf a pure Python version of aiohttp is installed i.e. without the usual C extensions or AIOHTTPNOEXTENSIONS is enabled, then an attacker may...

7.5CVSS6AI score0.00576EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Apache Airflow: Sensitive configuration values are not masked in the logs by default

Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...

7.5CVSS6AI score0.01295EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

OpenStack improperly deletes access rules

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials...

5.5CVSS5.9AI score0.00493EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

changedetection.io path traversal using file URI scheme without supplying hostname

SummaryThe validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. DetailsThe check used for URL protocol, issafeurl, allows file: as a...

8.6CVSS5.9AI score0.00697EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Cross-site Scripting (XSS) - DOM in janeczku/calibre-web

A Cross-site Scripting XSS vulnerability exists in janeczku/calibre-web, specifically in the file editbooks.js. The vulnerability occurs when editing book properties, such as uploading a cover or a format. The affected code directly inserts user input into the DOM without proper sanitization,...

6.1CVSS6.2AI score0.00356EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•10 views

Generation of Error Message Containing Sensitive Information in janeczku/calibre-web

A vulnerability in janeczku/calibre-web allows unauthorized users to view the names of private shelves belonging to other users. This issue occurs in the file shelf.py at line 221, where the name of the shelf is exposed in an error message when a user attempts to remove a book from a shelf they d...

4.3CVSS6AI score0.00358EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

ansible-core Incorrect Authorization vulnerability

A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the user module against the unprivileged user's home directory. If the...

6.3CVSS5.9AI score0.00256EPSS
Exploits0References16Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Apache Airflow vulnerable to Insertion of Sensitive Information Into Sent Data

Airflow versions before 2.10.3 have a vulnerability that allows authenticated users with audit log access to see sensitive values in audit logs which they should not see.When sensitive variables were set via airflow CLI, values of those variables appeared in the audit log and were stored...

6.5CVSS5.8AI score0.01201EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Salt preflight script could be attacker controlled

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS6AI score0.00187EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Ansible-Core vulnerable to content protections bypass

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playboo...

5.5CVSS6.6AI score0.00502EPSS
Exploits0References15Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•8 views

Missing ratelimit on passwrod resets in zenml

zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the...

5.4CVSS6AI score0.00456EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

ReDoS in giskard's transformation.py (GHSL-2024-324)

ReDoS in Giskard text perturbation detectorA Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation...

6.9CVSS6.1AI score0.00784EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Improper Access Control in janeczku/calibre-web

An improper access control vulnerability exists in janeczku/calibre-web. The affected version allows users without public shelf permissions to create public shelves. The vulnerability is due to the createshelf method in shelf.py not verifying if the user has the necessary permissions to create a...

5.4CVSS6.2AI score0.00334EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Flair allows arbitrary code execution

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

7.5CVSS4.9AI score0.00537EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

MPXJ has a Potential Path Traversal Vulnerability

ImpactThe patch for the historical vulnerability CVE-2020-35460 in MPXJ is incomplete as there is still a possibility that a malicious path could be constructed which would not be picked up by the original fix and allow files to be written to arbitrary locations. PatchesThe issue is addressed in...

5.3CVSS6AI score0.01758EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Langflow vulnerable to remote code execution

langflow =1.0.18 is vulnerable to Remote Code Execution RCE as any component provided the code functionality and the components run on the local machine rather than in a sandbox...

9.8CVSS6.1AI score0.01318EPSS
Exploits2References7Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

gradio Server Side Request Forgery vulnerability

In gradio =4.42.0, the gr.DownloadButton function has a hidden server-side request forgery SSRF vulnerability. The reason is that within the saveurltocache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the download of local resourc...

7.1CVSS6AI score0.00464EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Access control vulnerable to user data deletion by anonynmous users

ImpactAnonymous users can delete the user data maintained by an AccessControl.userfolder.UserFolder which may prevent any privileged access. PatchesThe problem is fixed in version 7.2. WorkaroundsThe problem can be fixed by adding dataroles = to AccessControl.userfolder.UserFolder...

9.1CVSS5.9AI score0.00413EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Lord of Large Language Models (LoLLMs) Server path traversal vulnerability in lollms_file_system.py

A path traversal vulnerability exists in the ParisNeo/lollms repository, specifically in the lollmsfilesystem.py file. The functions addragdatabase, togglemountragdatabase, and vectorizefolder do not implement security measures such as sanitizepathfromendpoint or sanitizepath. This allows an...

4.6CVSS6AI score0.00316EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

open-webui allows writing and deleting arbitrary files

In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHEDIR. This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote cod...

7.2CVSS7AI score0.01032EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

MySQL Connector/Python connector takeover vulnerability

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors...

7.7CVSS5.9AI score0.00517EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

changedetection.io Path Traversal

SummaryWhen a WebDriver is used to fetch files source:file:///etc/passwd can be used to retrieve local system files, where the more traditional file:///etc/passwd gets blocked DetailsThe root cause is the payload source:file:///etc/passwdpasses the regex here and also passes the check here where ...

6.9CVSS5.9AI score0.0229EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•5 views

Werkzeug possible resource exhaustion when parsing file data in forms

Applications using Werkzeug to parse multipart/form-data requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the Request.maxformmemorysize setting.The Request.maxcontentlength setting, as well as resource limits provided by deployment software and platforms, a...

7.5CVSS6AI score0.01102EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Langchain SQL Injection vulnerability

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service DoS by deleting all data, breaches in multi-tenant securit...

9.8CVSS6AI score0.13803EPSS
Exploits2References8Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

Werkzeug safe_join not safe on Windows

On Python = 3.11, or not using Windows, are not vulnerable...

6.3CVSS6AI score0.00786EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

Starlette Denial of service (DoS) via multipart/form-data

SummaryStarlette treats multipart/form-data parts without a filename as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form fields and cause Starlette to both slow down significantly due to excessive memory allocations and...

8.7CVSS6AI score0.00658EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

open-webui Insecure Direct Object Reference (IDOR) vulnerability

An Insecure Direct Object Reference IDOR vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint http://0.0.0.0:3000/api/v1/memories/id/update, where the decentralization design is flawed, allowing attackers to edit other users' memories without...

7.1CVSS6AI score0.00357EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•6 views

OAuth2 client ID and secret exposed through the web browser

pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data...

9.9CVSS5.9AI score0.09685EPSS
Exploits2References6Affected Software1
PyPA
PyPA
•added 2026/07/07 2:34 p.m.•7 views

open-webui allows enumeration of file names and traversal of directories by observing the error messages

An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...

5.1CVSS6AI score0.00336EPSS
Exploits1References6Affected Software1
Total number of security vulnerabilities7044