GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
125 advisories
Filter by severity
Improper Neutralization of Formula Elements in a CSV File vulnerability in Shambix Simple CSV/XLS...
High
Unreviewed
CVE-2022-42882
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP...
High
Unreviewed
CVE-2022-38702
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya...
High
Unreviewed
CVE-2022-41616
was published
Nov 7, 2023
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote...
High
Unreviewed
CVE-2023-22877
was published
Aug 28, 2023
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted...
High
Unreviewed
CVE-2023-38843
was published
Aug 17, 2023
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability
High
CVE-2023-4006
was published
for
thorsten/phpmyfaq
(Composer)
Jul 31, 2023
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File
High
Unreviewed
CVE-2023-37219
was published
Jul 30, 2023
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website...
High
Unreviewed
CVE-2022-28864
was published
Jul 24, 2023
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection...
High
Unreviewed
CVE-2023-28958
was published
Jul 10, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling...
High
Unreviewed
CVE-2023-3493
was published
Jul 1, 2023
Admidio Improper Neutralization of Formula Elements in a CSV File vulnerability
High
CVE-2023-3302
was published
for
admidio/admidio
(Composer)
Jun 23, 2023
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
High
Unreviewed
CVE-2023-31867
was published
Jun 22, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in...
High
Unreviewed
CVE-2023-0721
was published
Jun 9, 2023
Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to...
High
Unreviewed
CVE-2023-33410
was published
Jun 5, 2023
Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection
High
CVE-2023-2629
was published
for
pimcore/customer-management-framework-bundle
(Composer)
May 11, 2023
ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and...
High
Unreviewed
CVE-2023-25348
was published
Apr 25, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io...
High
Unreviewed
CVE-2023-2258
was published
Apr 24, 2023
A improper neutralization of formula elements in a CSV file vulnerability in Fortinet...
High
Unreviewed
CVE-2023-25611
was published
Mar 7, 2023
IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4...
High
Unreviewed
CVE-2022-35281
was published
Jan 9, 2023
The WP CSV Exporter WordPress plugin before 1.3.7 does not properly escape the fields when...
High
Unreviewed
CVE-2022-3605
was published
Dec 12, 2022
The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up...
High
Unreviewed
CVE-2022-4034
was published
Nov 29, 2022
A remote attacker with general user privilege can inject malicious code in the form content of...
High
Unreviewed
CVE-2022-41675
was published
Nov 29, 2022
Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection...
High
Unreviewed
CVE-2022-44830
was published
Nov 21, 2022
Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.
High
Unreviewed
CVE-2022-41791
was published
Nov 18, 2022
Auth. CSV Injection vulnerability in Export Users With Meta plugin <= 0.6.8 on WordPress.
High
Unreviewed
CVE-2022-44577
was published
Nov 18, 2022
ProTip!
Advisories are also available from the
GraphQL API