Vulnerability Database
Blog
FAQ
Docs
Vulnerabilities
search
All ecosystems
255637
AlmaLinux
3295
Alpine
3588
Android
2135
Bitnami
4630
Chainguard
14782
CRAN
10
crates.io
1523
Debian
42353
GIT
23956
GitHub Actions
21
Go
3669
Hackage
19
Hex
32
Linux
13574
Maven
5145
npm
20983
NuGet
1377
openSUSE
9049
OSS-Fuzz
2616
Packagist
4201
Pub
10
PyPI
14686
Red Hat
14762
Rocky Linux
1442
RubyGems
1644
SUSE
15244
SwiftURL
33
Ubuntu
41927
Wolfi
8931
ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2024-11248
Not specified
Malicious code in gwinpy (PyPI)
1 hour ago
No fix available
GHSA-8498-2h75-472j
PyPI/django
Django denial-of-service in django.utils.html.strip_tags()
2 days ago
Fix available
Severity - 6.6 (Medium)
GHSA-m9g8-fxxm-xg86
PyPI/django
Django SQL injection in HasKey(lhs, rhs) on Oracle
2 days ago
Fix available
Severity - 7.2 (High)
GHSA-5jc6-h9w7-jm3p
PyPI/mobsf
Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality
5 days ago
Fix available
Severity - 6.2 (Medium)
GHSA-56w4-5538-8v8h
PyPI/matrix-synapse
Synapse Matrix has a partial room state leak via Sliding Sync
5 days ago
Fix available
Severity - 4.3 (Medium)
GHSA-vp6v-whfm-rv3g
PyPI/matrix-synapse
Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
5 days ago
Fix available
Severity - 8.2 (High)
GHSA-f3r3-h2mq-hx2h
PyPI/matrix-synapse
Synapse allows a a malformed invite to break the invitee's `/sync`
5 days ago
Fix available
Severity - 8.7 (High)
GHSA-rfq8-j7rh-8hf2
PyPI/matrix-synapse
Synapse allows unsupported content types to lead to memory exhaustion
5 days ago
Fix available
Severity - 8.2 (High)
GHSA-gjgr-7834-rhxr
PyPI/matrix-synapse
Synapse's unauthenticated writes to the media repository allow planting of problematic content
5 days ago
Fix available
Severity - 6.9 (Medium)
GHSA-4mhg-xv73-xq2x
PyPI/matrix-synapse
Synapse denial of service through media disk space consumption
5 days ago
Fix available
Severity - 8.7 (High)
GHSA-59g5-xgcq-4qw3
PyPI/python-multipart
Denial of service (DoS) via deformation `multipart/form-data` boundary
5 days ago
Fix available
Severity - 8.7 (High)
GHSA-p57h-3cmc-xpjq
PyPI/zhmcclient
Python package "zhmcclient" stores passwords in clear text in its HMC and API logs
6 days ago
Fix available
Severity - 6.2 (Medium)
GHSA-75c5-xw7c-p5pm
PyPI/pyjwt
PyJWT Issuer field partial matches allowed
6 days ago
Fix available
Severity - 2.1 (Low)
GHSA-q6mv-284r-mp36
PyPI/check-jsonschema
check-jsonschema default caching for remote schemas allows for cache confusion
6 days ago
Fix available
Severity - 6.1 (Medium)
GHSA-x4x5-jx9j-mmv7
PyPI/pyspider
pyspider Cross-site Scripting vulnerability
29 Nov
No fix available
Severity - 5.3 (Medium)
GHSA-v7vm-rhmg-8j2r
PyPI/ethyca-fides
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API
26 Nov
Fix available
Severity - 1.9 (Low)
Load more...
PyPI - OSV