Search

262 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.3CVE-2025-2953EPSS 0.06%PyTorch susceptible to local Denial of Service3/30/2025
LOW3.8CVE-2025-1474EPSS 0.10%MLflow has Weak Password Requirements3/20/2025
LOW3.7CVE-2025-24023EPSS 0.50%Flask-AppBuilder Observable Response Discrepancy3/3/2025
LOW3.6CVE-2025-27145EPSS 0.30%copyparty renders unsanitized filenames as HTML when user uploads empty files2/26/2025
LOW2.6CVE-2025-25183EPSS 0.32%vLLM uses Python 3.12 built-in hash() which leads to predictable hash collisions in prefix cache2/6/2025
LOW3.7CVE-2025-22151EPSS 0.24%Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution1/9/2025
LOW2.2CVE-2024-53861EPSS 1.0%PyJWT Issuer field partial matches allowed12/2/2024
LOW3.4CVE-2024-6971EPSS 0.03%Lord of Large Language Models (LoLLMs) Server path traversal vulnerability in lollms_file_system.py10/11/2024
LOW3.7CVE-2024-47869EPSS 0.16%Gradio performs a non-constant-time comparison when comparing hashes10/10/2024
LOW2.7CVE-2024-7038EPSS 0.21%open-webui allows enumeration of file names and traversal of directories by observing the error messages10/9/2024
LOW2.9CVE-2024-47813EPSS 0.01%Race condition could lead to WebAssembly control-flow integrity and type safety violations10/9/2024
LOW3.7CVE-2024-45231EPSS 0.24%Django allows enumeration of user e-mail addresses10/8/2024
LOW3.5CVE-2024-9277EPSS 0.17%Inefficient Regular Expression Complexity in langflow9/27/2024
LOW3.5CVE-2024-8865EPSS 0.34%Composio Path Traversal vulnerability9/16/2024
LOW3.5CVE-2024-8863EPSS 0.13%Aim Stored XSS through TEXT EXPLORER9/16/2024
LOW3.6CVE-2024-45314EPSS 0.13%Flask-AppBuilder's login form allows browser to cache sensitive fields9/4/2024
LOW3.7CVE-2023-23611EPSS 0.15%LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability8/30/2024
LOW2.8CVE-2020-15100EPSS 0.06%freewvs vulnerable to denial of service through large files8/30/2024
LOW2.8CVE-2020-15101EPSS 0.17%freewvs's nested directory structure can interrupt scan8/30/2024
LOW3.1CVE-2024-32152EPSS 0.26%Ankitects Anki LaTeX Blocklist Bypass vulnerability7/22/2024
LOW3.8CVE-2024-41124EPSS 0.03%[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`7/19/2024
LOW2.5CVE-2024-40647EPSS 0.03%Sentry's Python SDK unintentionally exposes environment variables to subprocesses7/18/2024
LOW3.7CVE-2024-30471EPSS 1.4%Apache StreamPipes potentially allows creation of multiple identical accounts7/17/2024
LOW3.9CVE-2024-4680EPSS 0.08%zenml-io/zenml does not expire the session after password reset6/8/2024
LOW3.3CVE-2024-2213EPSS 0.01%Improper authentication in zenml6/6/2024

← PrevPage 3 of 11Next →