GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114 advisories
Filter by severity
A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via...
High
Unreviewed
CVE-2024-53555
was published
Nov 26, 2024
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is...
High
Unreviewed
CVE-2018-11525
was published
May 13, 2022
An issue in Snipe-IT v.7.0.13 build 15514 allows a remote attacker to escalate privileges via the...
High
Unreviewed
CVE-2024-51094
was published
Nov 12, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute...
High
Unreviewed
CVE-2021-38963
was published
Sep 25, 2024
CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in...
High
Unreviewed
CVE-2024-24337
was published
Feb 13, 2024
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows...
High
Unreviewed
CVE-2024-41226
was published
Aug 6, 2024
A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated...
High
Unreviewed
CVE-2024-3232
was published
Jul 16, 2024
The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up...
High
Unreviewed
CVE-2023-5527
was published
Jun 18, 2024
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
High
Unreviewed
CVE-2023-31867
was published
Jun 22, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support...
High
Unreviewed
CVE-2023-25983
was published
Nov 15, 2023
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export...
High
Unreviewed
CVE-2024-25007
was published
Apr 4, 2024
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote...
High
Unreviewed
CVE-2023-22877
was published
Aug 28, 2023
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted...
High
Unreviewed
CVE-2023-38843
was published
Aug 17, 2023
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File
High
Unreviewed
CVE-2023-37219
was published
Jul 30, 2023
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website...
High
Unreviewed
CVE-2022-28864
was published
Jul 24, 2023
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection...
High
Unreviewed
CVE-2023-28958
was published
Jul 10, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in...
High
Unreviewed
CVE-2023-0721
was published
Jun 9, 2023
Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to...
High
Unreviewed
CVE-2023-33410
was published
Jun 5, 2023
ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and...
High
Unreviewed
CVE-2023-25348
was published
Apr 25, 2023
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in...
High
Unreviewed
CVE-2019-12134
was published
May 24, 2022
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1...
High
Unreviewed
CVE-2021-33256
was published
May 24, 2022
IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0...
High
Unreviewed
CVE-2023-35899
was published
Mar 21, 2024
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,...
High
Unreviewed
CVE-2019-14352
was published
May 24, 2022
A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress...
High
Unreviewed
CVE-2019-17661
was published
May 24, 2022
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in...
High
Unreviewed
CVE-2022-3604
was published
Jan 16, 2024
ProTip!
Advisories are also available from the
GraphQL API