Lucene search
+L

7044 matches found

pypa
pypa
added 2026/07/07 11:45 a.m.5 views

LangChain's XMLOutputParser vulnerable to XML Entity Expansion

The XMLOutputParser in LangChain uses the etree module from the XML parser in the standard python library which has some XML vulnerabilities; see: https://docs.python.org/3/library/xml.htmlThis primarily affects users that combine an LLM or agent with the XMLOutputParser and expose the component...

5.9CVSS6.2AI score0.0077EPSS
Exploits1References9Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

ESPHome vulnerable to Authentication bypass via Cross site request forgery

SummaryAPI endpoints in dashboard component of ESPHome version 2023.12.9 command line installation are vulnerable to Cross-Site Request Forgery CSRF allowing remote attackers to carry out attacks against a logged user of the dashboard to perform operations on configuration files create, edit,...

8.1CVSS6.8AI score0.00269EPSS
Exploits0References10Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_file

paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.readfile...

8.2CVSS7.2AI score0.00564EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.6 views

ansys-geometry-core OS Command Injection vulnerability

subprocess call with shell=True identified, security issue. CodeOn file src/ansys/geometry/core/connection/productinstance.py:403 def startprogramargs: Liststr, localenv: Dictstr, str - subprocess.Popen:404 """405 Start the program where the path is the first item of the args array argument.40640...

7.8CVSS5.9AI score0.00334EPSS
Exploits1References11Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Apache Airflow Improper Preservation of Permissions vulnerability

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3.Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

5.3CVSS5.8AI score0.0146EPSS
Exploits0References10Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method

SummaryUsing Pickup: Local stock only as a click-and-collect points could cause a leak of customer addresses DetailsWhen using Pickup: Local stock only click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its...

5.4CVSS5.9AI score0.00537EPSS
Exploits0References21Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Unauthenticated views may expose information to anonymous users

ImpactA number of Nautobot URL endpoints were found to be improperly accessible to unauthenticated anonymous users, including the following:- /api/graphql/ 1- /api/users/users/session/ Nautobot 2.x only; the only information exposed to an anonymous user is which authentication backend classes are...

5.3CVSS5.8AI score0.00628EPSS
Exploits0References11Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

gradio Server-Side Request Forgery vulnerability

An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the /proxy route. Attackers can exploit this vulnerability by manipulating the self.replicaurls set through the X-Direct-Url header in requests to the / and /config routes, allowing the...

7.3CVSS7.2AI score0.00421EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

SSRF Vulnerability on assetlinks_check(act_name, well_knowns)

SummaryWhile examining the "App Link assetlinks.json file could not be found" vulnerability detected by MobSF, we, as the Trendyol Application Security team, noticed that a GET request was sent to the "/.well-known/assetlinks.json" endpoint for all hosts written with "android:host". In the...

7.5CVSS7AI score0.00712EPSS
Exploits1References10Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Denial of service via regular expression

ImpactAll historical installations of django-wiki are vulnerable to maliciously crafted article content, that can cause severe use of server CPU through a regular expression loop. Patches WorkaroundsClose off access to create and edit articles by anonymous users. ReferencesAre there any links use...

7.5CVSS7.1AI score0.00605EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

RCE in TranformGraph().to_dot_graph function

SummaryRCE due to improper input validation in TranformGraph.todotgraph function DetailsDue to improper input validation a malicious user can provide a command or a script file as a value to savelayout argument, which will be placed as the first value in a list of arguments passed to...

8.4CVSS6.1AI score0.01124EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

vantage6 vulnerable to a username timing attack on recover password/MFA token

ImpactMuch like https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes /recover/lost and /2fa/lost, which send emails to users if they have lost their password or MFA token. Usernames can be...

5.3CVSS6.1AI score0.00394EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace

Summary and impactGoogleOAuthenticator.hosteddomain is used to restrict what Google accounts can be authorized to access a JupyterHub. The restriction is intended to ensure Google accounts are part of one or more Google organizations/workspaces verified to control specified domains.The...

9.1CVSS7AI score0.00589EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code

Summarydeserializing json data using qiskitibmruntime.RuntimeDecoder can be made to execute arbitrary code given a correctly formatted input string DetailsRuntimeDecoder is supposed to be able to deserialize JSON strings containing various special types encoded via RuntimeEncoder. However, one ca...

7.8CVSS6.5AI score0.00372EPSS
Exploits1References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.6 views

vantage6's CORS settings overly permissive

ImpactThe vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impact is limited because v6 does not use session cookies PatchesNo WorkaroundsNo...

6.5CVSS5.9AI score0.00311EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Potential log injection in reset user endpoint in CKAN

A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupt the log file format. PatchesThis has been fixed in the CKAN 2.9.11 and 2.10.4 versions WorkaroundsOverride the...

5.3CVSS5.9AI score0.00434EPSS
Exploits0References9Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Information leakage in YAQL

YAQL before 3.0.0 is used in Murano, the Murano service's MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information...

6.5CVSS6.8AI score0.0074EPSS
Exploits0References8Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Improper Privilege Management in djangorestframework-simplejwt

djangorestframework-simplejwt before version 5.5.1 is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6.1AI score0.00804EPSS
Exploits4References13Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

JWCrypto vulnerable to JWT bomb Attack in `deserialize` function

Affected versionVendor: https://github.com/latchset/jwcryptoVersion: 1.5.5 DescriptionAn attacker can cause a DoS attack by passing in a malicious JWE Token with a high compression ratio.When the server processes this Token, it will consume a lot of memory and processing time. Pocpythonfrom...

6.8CVSS6.5AI score0.0098EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

LibOSDP vulnerable to a null pointer deref in osdp_reply_name

Issue:At ospdcommon.c, on the osdpreplyname function, any reply id between REPLYACK and REPLYXRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null name = namesreplyid - REPLYACK;. Null name will casue a crash on next...

6.5CVSS5.9AI score0.00333EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Remote Code Execution Vulnerability in Microsoft Django Backend for SQL Server

Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.3AI score0.02124EPSS
Exploits0References5Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

ESPHome vulnerable to remote code execution via arbitrary file write

SummarySecurity misconfiguration in edit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation allows authenticated remote attackers to read and write arbitrary files under the configuration directory rendering remote code execution possible. Details...

8.8CVSS7.9AI score0.01535EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

esphome vulnerable to stored Cross-site Scripting in edit configuration file API

SummaryEdit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation and Home Assistant add-on serves unsanitized data with “Content-Type: text/html; charset=UTF-8”, allowing remote authenticated user to inject arbitrary web script and exfiltrate sessio...

8.7CVSS6.8AI score0.00676EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

LibOSDP RMAC revert to the beginning of the session

- Issues: - SCS14 is allowed on encrypted connection osdpphy.c - No validation for RMACI is only in response to osdpSCRYPT osdpcp.c - Couldn't find anything specific in the OSDP specifications indicating it is forbidden, I'm gussing it shouldn't be allowed according from the secure connection...

5.1CVSS5.8AI score0.00126EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Django MarkdownX Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements...

6.1CVSS6.2AI score0.00386EPSS
Exploits0References5Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

WeasyPrint allows the attachment of arbitrary files and URLs to a PDF

ImpactSince version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. PatchesFixed by 734ee8e that’s included in 61.2 Workarounds- Check that no PDF attachment...

7.4CVSS7.2AI score0.00623EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

PaddlePaddle command injection vulnerability

Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0...

9.3CVSS7.1AI score0.01166EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Phone information disclosure vulnerability

Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request...

7.5CVSS7.1AI score0.00697EPSS
Exploits1References5Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

PaddlePaddle command injection in paddle.utils.download._wget_download

Command injection in paddle.utils.download.wgetdownload bypass filter in paddlepaddle/paddle 2.6.0...

9.3CVSS7.2AI score0.01132EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Mezzanine allows attackers to bypass access controls via manipulating the Host header

An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header...

9.1CVSS6AI score0.00874EPSS
Exploits2References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.3 views

Mezzanine allows attackers to bypass access control mechanisms

An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request...

9.8CVSS7.2AI score0.01096EPSS
Exploits2References9Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.3 views

Docassemble HTML and javascript injection

ImpactA user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The HTML can also contain...

6.1CVSS6.4AI score0.00434EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.3 views

Apache Superset: Improper Neutralization of custom SQL on embedded context

A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1 or 3.0.4, whic...

4.3CVSS6.2AI score0.00945EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Apache Superset: Improper data authorization when creating a new dataset

Apache Superset with custom roles that include can write on dataset and without all data access permissions, allows for users to create virtual datasets to data they don't have access to. These users could then use those virtual datasets to get access to unauthorized data.This issue affects Apach...

6.5CVSS6.4AI score0.00727EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Apache Superset: Improper error handling on alerts

An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert...

5.3CVSS6AI score0.00969EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)

ImpactA Cross-Site Scripting XSS vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser.Impacted...

6.1CVSS6.1AI score0.00567EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.3 views

ZenML Server Remote Privilege Escalation Vulnerability

ZenML Server in the ZenML package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4,...

8.8CVSS6.9AI score0.70581EPSS
Exploits1References8Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Apache Superset: Improper authorization validation on dashboards and charts import

A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...

5.4CVSS6AI score0.00866EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Apache Superset: Improper validation of SQL statements allows for unauthorized access to data

Improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization scope.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1, which fixes the issue...

6.5CVSS6AI score0.00773EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.6 views

Docassemble open redirect

ImpactIt is possible to create a URL that acts as an open redirect. PatchesThe vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched. WorkaroundsIf upgrading is not possible, manually apply the changes of 4801ac7 and restart the serv...

6.1CVSS6.3AI score0.00411EPSS
Exploits0References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Docassemble unauthorized access through URL manipulation

ImpactThe vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. PatchesThe vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...

7.5CVSS7AI score0.69486EPSS
Exploits2References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Python Cryptography package vulnerable to Bleichenbacher timing oracle attack

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data...

8.7CVSS7.1AI score0.01118EPSS
Exploits0References8Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Kinto Attachment's attachments can be replaced on read-only records

ImpactThe attachment file of an existing record can be replaced if the user has "read" permission on one of the parent collection or bucket.And if the "read" permission is given to "system.Everyone" on one of the parent, then the attachment can be replaced on a record using an anonymous...

8.6CVSS5.9AI score0.00702EPSS
Exploits0References7Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Potentially untrusted input is rendered as HTML in final output

ImpactAll users of mjml-python who insert untrusted data into mjml templates unless that data is checked in a very strict manner. User input like would be rendered as...

8.2CVSS7.2AI score0.00621EPSS
Exploits1References9Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

langchain Server-Side Request Forgery vulnerability

With the following crawler configuration:pythonfrom bs4 import BeautifulSoup as Soupurl = "https://example.com"loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.loadAn attacker in control of the contents of https://example.com could place...

8.1CVSS6.3AI score0.00517EPSS
Exploits1References9Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Allegro AI ClearML vulnerable to deserialization of untrusted data

Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with...

8.8CVSS7.5AI score0.02452EPSS
Exploits9References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Scrapy decompression bomb vulnerability

ImpactScrapy limits allowed response sizes by default through the DOWNLOADMAXSIZE and DOWNLOADWARNSIZE settings.However, those limits were only being enforced during the download of the raw, usually-compressed response bodies, and not during decompression, making Scrapy vulnerable to decompressio...

7.5CVSS7.1AI score0.00807EPSS
Exploits1References9Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

pyLoad open redirect vulnerability due to improper validation of the is_safe_url function

SummaryOpen redirect vulnerability due to incorrect validation of input values when redirecting users after login. Detailspyload is validating URLs via the getredirecturl function when redirecting users at login.The URL entered in the next variable goes through the issafeurl function, where a lac...

6.1CVSS6.2AI score0.00545EPSS
Exploits1References6Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.4 views

Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance

Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords...

7.1CVSS7AI score0.00255EPSS
Exploits0References5Affected Software1
pypa
pypa
added 2026/07/07 11:45 a.m.5 views

Scrapy authorization header leakage on cross-domain redirect

ImpactWhen you send a request with the Authorization header to one domain, and the response asks to redirect to a different domain, Scrapy’s built-in redirect middleware creates a follow-up redirect request that keeps the original Authorization header, leaking its content to that second domain.Th...

7.5CVSS7AI score0.00642EPSS
Exploits1References7Affected Software1
Total number of security vulnerabilities7044