Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,380
Erlang
33
GitHub Actions
22
Go
2,139
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

136 advisories

Loading
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection... High Unreviewed
CVE-2023-28958 was published Jul 10, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in... High Unreviewed
CVE-2023-0721 was published Jun 9, 2023
Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to... High Unreviewed
CVE-2023-33410 was published Jun 5, 2023
ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and... High Unreviewed
CVE-2023-25348 was published Apr 25, 2023
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in... High Unreviewed
CVE-2019-12134 was published May 24, 2022
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1... High Unreviewed
CVE-2021-33256 was published May 24, 2022
IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0... High Unreviewed
CVE-2023-35899 was published Mar 21, 2024
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,... High Unreviewed
CVE-2019-14352 was published May 24, 2022
A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress... High Unreviewed
CVE-2019-17661 was published May 24, 2022
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in... High Unreviewed
CVE-2022-3604 was published Jan 16, 2024
The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and... High Unreviewed
CVE-2022-3026 was published Sep 7, 2022
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... High Unreviewed
CVE-2023-31294 was published Dec 29, 2023
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... High Unreviewed
CVE-2023-31295 was published Dec 29, 2023
Potential CSV export data leak High
CVE-2023-50448 was published for activeadmin (RubyGems) Dec 15, 2023
emilong
Duplicate Advisory: ActiveAdmin vulnerable to CSV injection High
GHSA-rqxc-9p8h-xqgq was published for activeadmin (RubyGems) Dec 24, 2023 withdrawn
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the... High Unreviewed
CVE-2023-48207 was published Dec 7, 2023
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote... High Unreviewed
CVE-2023-42004 was published Nov 28, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail & Sarbacane... High Unreviewed
CVE-2022-46821 was published Nov 7, 2023
Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject... High Unreviewed
CVE-2023-48029 was published Nov 17, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Shambix Simple CSV/XLS... High Unreviewed
CVE-2022-42882 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya... High Unreviewed
CVE-2022-41616 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User... High Unreviewed
CVE-2022-45078 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This... High Unreviewed
CVE-2022-45348 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech... High Unreviewed
CVE-2022-46804 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to... High Unreviewed
CVE-2023-36527 was published Nov 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database