Vulnerabilities (CVE)

Filtered by vendor Pypi Subscribe
Total 16 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34500 1 Pypi 1 Pypi 2024-02-28 N/A 9.8 CRITICAL
The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.
CVE-2022-34501 1 Pypi 1 Pypi 2024-02-28 N/A 9.8 CRITICAL
The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.
CVE-2022-34055 1 Pypi 1 Drxhello 2024-02-28 7.5 HIGH 9.8 CRITICAL
The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-33003 1 Pypi 1 Watools 2024-02-28 7.5 HIGH 9.8 CRITICAL
The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34056 1 Pypi 1 Watertools 2024-02-28 7.5 HIGH 9.8 CRITICAL
The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-32996 1 Pypi 1 Django-navbar-client 2024-02-28 7.5 HIGH 9.8 CRITICAL
The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-33004 1 Pypi 1 Beginner 2024-02-28 7.5 HIGH 9.8 CRITICAL
The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-32997 1 Pypi 1 Rootinteractive 2024-02-28 7.5 HIGH 9.8 CRITICAL
The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-33000 1 Pypi 1 Ml-scanner 2024-02-28 7.5 HIGH 9.8 CRITICAL
The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34053 1 Pypi 1 Dr-web-engine 2024-02-28 7.5 HIGH 9.8 CRITICAL
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-33001 1 Pypi 1 Aamiles 2024-02-28 7.5 HIGH 9.8 CRITICAL
The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-32998 1 Pypi 1 Cryptoasset-data-downloader 2024-02-28 7.5 HIGH 9.8 CRITICAL
The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-32999 1 Pypi 1 Cloudlabeling 2024-02-28 7.5 HIGH 9.8 CRITICAL
The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-33002 1 Pypi 1 Explore 2024-02-28 7.5 HIGH 9.8 CRITICAL
The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2022-34054 1 Pypi 1 Perdido 2024-02-28 7.5 HIGH 9.8 CRITICAL
The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVE-2020-15904 1 Pypi 1 Bsdiff4 2024-02-28 6.8 MEDIUM 7.8 HIGH
A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allows an attacker to write to heap memory (beyond allocated bounds) via a crafted patch file.