GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
199 advisories
Filter by severity
Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail & Sarbacane...
High
Unreviewed
CVE-2022-46821
was published
Nov 7, 2023
Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML...
Moderate
Unreviewed
CVE-2023-43071
was published
Oct 5, 2023
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results"...
Critical
Unreviewed
CVE-2020-10131
was published
Sep 6, 2023
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote...
High
Unreviewed
CVE-2023-22877
was published
Aug 28, 2023
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted...
High
Unreviewed
CVE-2023-38843
was published
Aug 17, 2023
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability
High
CVE-2023-4006
was published
for
thorsten/phpmyfaq
(Composer)
Jul 31, 2023
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File
High
Unreviewed
CVE-2023-37219
was published
Jul 30, 2023
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website...
High
Unreviewed
CVE-2022-28864
was published
Jul 24, 2023
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web...
Moderate
Unreviewed
CVE-2023-3527
was published
Jul 19, 2023
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection...
High
Unreviewed
CVE-2023-28958
was published
Jul 10, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling...
High
Unreviewed
CVE-2023-3493
was published
Jul 1, 2023
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the...
Moderate
Unreviewed
CVE-2022-46408
was published
Jun 29, 2023
Admidio Improper Neutralization of Formula Elements in a CSV File vulnerability
High
CVE-2023-3302
was published
for
admidio/admidio
(Composer)
Jun 23, 2023
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
High
Unreviewed
CVE-2023-31867
was published
Jun 22, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in...
High
Unreviewed
CVE-2023-0721
was published
Jun 9, 2023
Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to...
High
Unreviewed
CVE-2023-33410
was published
Jun 5, 2023
Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection
High
CVE-2023-2629
was published
for
pimcore/customer-management-framework-bundle
(Composer)
May 11, 2023
RosarioSIS vulnerable to CSV Injection
Moderate
CVE-2023-29918
was published
for
francoisjacquet/rosariosis
(Composer)
May 2, 2023
ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and...
High
Unreviewed
CVE-2023-25348
was published
Apr 25, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io...
High
Unreviewed
CVE-2023-2258
was published
Apr 24, 2023
The SAP Application Interface Framework (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE...
Moderate
Unreviewed
CVE-2023-29109
was published
Apr 11, 2023
A improper neutralization of formula elements in a CSV file vulnerability in Fortinet...
High
Unreviewed
CVE-2023-25611
was published
Mar 7, 2023
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4...
High
Unreviewed
CVE-2022-35281
was published
Jan 9, 2023
An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the ...
Moderate
Unreviewed
CVE-2022-37786
was published
Jan 1, 2023
The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when...
High
Unreviewed
CVE-2022-3605
was published
Dec 12, 2022
ProTip!
Advisories are also available from the
GraphQL API