GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,438
Composer 4,411
Erlang 33
GitHub Actions 22
Go 2,146
Maven 5,316
npm 3,808
NuGet 687
pip 3,481
Pub 12
RubyGems 897
Rust 899
Swift 38

Unreviewed advisories

All unreviewed 246,096

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

188 advisories

Filter by severity

Sort by

Least recently updated

PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed

CVE-2023-51311 was published Feb 20, 2025

PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed

CVE-2023-51333 was published Feb 20, 2025

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which... High Unreviewed

CVE-2023-51336 was published Feb 20, 2025

PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed

CVE-2023-51319 was published Feb 20, 2025

PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an... High Unreviewed

CVE-2023-51302 was published Feb 19, 2025

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows... Moderate Unreviewed

CVE-2023-51298 was published Feb 19, 2025

The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all... Moderate Unreviewed

CVE-2024-3214 was published Apr 9, 2024

KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. High Unreviewed

CVE-2023-46401 was published Jan 24, 2025

KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. Moderate Unreviewed

CVE-2023-46400 was published Jan 24, 2025

An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through... Critical Unreviewed

CVE-2024-47572 was published Jan 14, 2025

The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An... High Unreviewed

CVE-2024-22063 was published Dec 30, 2024

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to... Moderate Unreviewed

CVE-2024-9102 was published Dec 19, 2024

A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via... High Unreviewed

CVE-2024-53555 was published Nov 26, 2024

The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is... High Unreviewed

CVE-2018-11525 was published May 13, 2022

An issue in Snipe-IT v.7.0.13 build 15514 allows a remote attacker to escalate privileges via the... High Unreviewed

CVE-2024-51094 was published Nov 12, 2024

There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an... Moderate Unreviewed

CVE-2024-47485 was published Oct 18, 2024

IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute... High Unreviewed

CVE-2021-38963 was published Sep 25, 2024

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... Moderate Unreviewed

CVE-2023-31296 was published Dec 29, 2023

CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in... High Unreviewed

CVE-2024-24337 was published Feb 13, 2024

A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows... High Unreviewed

CVE-2024-41226 was published Aug 6, 2024

A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated... High Unreviewed

CVE-2024-3232 was published Jul 16, 2024

An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in... Moderate Unreviewed

CVE-2024-27785 was published Jul 9, 2024

The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up... High Unreviewed

CVE-2023-5527 was published Jun 18, 2024

The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and... Moderate Unreviewed

CVE-2023-5424 was published Jun 7, 2024

The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users. Moderate Unreviewed

CVE-2019-20180 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

188 advisories