GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,849
Composer 4,262
Erlang 31
GitHub Actions 21
Go 2,029
Maven 5,207
npm 3,731
NuGet 662
pip 3,408
Pub 12
RubyGems 891
Rust 864
Swift 36

Unreviewed advisories

All unreviewed 237,191

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

114 advisories

Filter by severity

Sort by

Least recently updated

Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User... High Unreviewed

CVE-2022-45078 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This... High Unreviewed

CVE-2022-45348 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist –... High Unreviewed

CVE-2023-41798 was published Nov 7, 2023

IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote... High Unreviewed

CVE-2023-22877 was published Aug 28, 2023

An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted... High Unreviewed

CVE-2023-38843 was published Aug 17, 2023

Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File High Unreviewed

CVE-2023-37219 was published Jul 30, 2023

An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website... High Unreviewed

CVE-2022-28864 was published Jul 24, 2023

IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection... High Unreviewed

CVE-2023-28958 was published Jul 10, 2023

Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling... High Unreviewed

CVE-2023-3493 was published Jul 1, 2023

Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection. High Unreviewed

CVE-2023-31867 was published Jun 22, 2023

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in... High Unreviewed

CVE-2023-0721 was published Jun 9, 2023

Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to... High Unreviewed

CVE-2023-33410 was published Jun 5, 2023

ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and... High Unreviewed

CVE-2023-25348 was published Apr 25, 2023

Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io... High Unreviewed

CVE-2023-2258 was published Apr 24, 2023

A improper neutralization of formula elements in a CSV file vulnerability in Fortinet... High Unreviewed

CVE-2023-25611 was published Mar 7, 2023

IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4... High Unreviewed

CVE-2022-35281 was published Jan 9, 2023

The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when... High Unreviewed

CVE-2022-3605 was published Dec 12, 2022

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up... High Unreviewed

CVE-2022-4034 was published Nov 29, 2022

A remote attacker with general user privilege can inject malicious code in the form content of... High Unreviewed

CVE-2022-41675 was published Nov 29, 2022

Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection... High Unreviewed

CVE-2022-44830 was published Nov 21, 2022

Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress. High Unreviewed

CVE-2022-41791 was published Nov 18, 2022

Auth. CSV Injection vulnerability in Export Users With Meta plugin <= 0.6.8 on WordPress. High Unreviewed

CVE-2022-44577 was published Nov 18, 2022

The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape... High Unreviewed

CVE-2022-3558 was published Nov 7, 2022

The application was identified to have an CSV injection in data export functionality, allowing... High Unreviewed

CVE-2022-40294 was published Nov 1, 2022

ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to... High Unreviewed

CVE-2022-40472 was published Sep 30, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

114 advisories