Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,318
Maven
5,000+
npm
3,950
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

215 advisories

Loading
MantisBT CSV Injection unprivileged user access in csv_export.php High
CVE-2021-43257 was published for mantisbt/mantisbt (Composer) Apr 15, 2022
Data provided in a request performed to the server while activating a new device are put in a... Low Unreviewed
CVE-2025-1421 was published May 21, 2025
Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to... High Unreviewed
CVE-2022-37905 was published Dec 12, 2022
phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to... Moderate Unreviewed
CVE-2024-9102 was published Dec 19, 2024
CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-29375 was published Apr 4, 2024
Apache Ranger Improper Neutralization of Formula Elements vulnerability Low
CVE-2024-55532 was published for org.apache.ranger:security-admin-web (Maven) Mar 3, 2025
PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed
CVE-2023-51311 was published Feb 20, 2025
PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed
CVE-2023-51333 was published Feb 20, 2025
PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which... High Unreviewed
CVE-2023-51336 was published Feb 20, 2025
PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed
CVE-2023-51319 was published Feb 20, 2025
PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an... High Unreviewed
CVE-2023-51302 was published Feb 19, 2025
PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows... Moderate Unreviewed
CVE-2023-51298 was published Feb 19, 2025
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all... Moderate Unreviewed
CVE-2024-3214 was published Apr 9, 2024
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. High Unreviewed
CVE-2023-46401 was published Jan 24, 2025
KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. Moderate Unreviewed
CVE-2023-46400 was published Jan 24, 2025
An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through... Critical Unreviewed
CVE-2024-47572 was published Jan 14, 2025
The ZENIC ONE R58 products by ZTE Corporation have a command injection vulnerability. An... High Unreviewed
CVE-2024-22063 was published Dec 30, 2024
A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2024-53555 was published Nov 26, 2024
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is... High Unreviewed
CVE-2018-11525 was published May 13, 2022
An issue in Snipe-IT v.7.0.13 build 15514 allows a remote attacker to escalate privileges via the... High Unreviewed
CVE-2024-51094 was published Nov 12, 2024
CSV injection in shuup High
CVE-2021-25962 was published for shuup (pip) Sep 30, 2021
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an... Moderate Unreviewed
CVE-2024-47485 was published Oct 18, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute... High Unreviewed
CVE-2021-38963 was published Sep 25, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27320 was published for refuel-autolabel (pip) Sep 12, 2024
Improper Neutralization of Formula Elements in a CSV File in html-2-csv Moderate
CVE-2021-23654 was published for html-to-csv (pip) Nov 30, 2021
KateCatlin
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database