Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

194 advisories

Loading
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users. Moderate Unreviewed
CVE-2019-20180 was published May 24, 2022
KeePass 2.4.1 allows CSV injection in the title field of a CSV export. Moderate Unreviewed
CVE-2019-20184 was published May 24, 2022
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields... Moderate Unreviewed
CVE-2020-9372 was published May 24, 2022
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi... Moderate Unreviewed
CVE-2020-10460 was published May 24, 2022
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability... High Unreviewed
CVE-2020-9347 was published May 24, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point... Moderate Unreviewed
CVE-2020-16214 was published May 24, 2022
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. Critical Unreviewed
CVE-2020-22274 was published May 24, 2022
WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. Critical Unreviewed
CVE-2020-22276 was published May 24, 2022
phpMyAdmin through 5.0.2 allows CSV injection via Export Section High Unreviewed
CVE-2020-22278 was published May 24, 2022
CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. High Unreviewed
CVE-2020-25398 was published May 24, 2022
An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite... High Unreviewed
CVE-2020-25170 was published May 24, 2022
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote... High Unreviewed
CVE-2020-4759 was published May 24, 2022
SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts,... High Unreviewed
CVE-2020-15301 was published May 24, 2022
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated... High Unreviewed
CVE-2020-28845 was published May 24, 2022
OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls... Moderate Unreviewed
CVE-2020-28861 was published May 24, 2022
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker... High Unreviewed
CVE-2020-9200 was published May 24, 2022
phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports. Critical Unreviewed
CVE-2021-3188 was published May 24, 2022
There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may... Moderate Unreviewed
CVE-2020-9205 was published May 24, 2022
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary... High Unreviewed
CVE-2020-19513 was published May 24, 2022
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be... Moderate Unreviewed
CVE-2021-27839 was published May 24, 2022
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone... High Unreviewed
CVE-2021-24144 was published May 24, 2022
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of... Moderate Unreviewed
CVE-2021-1475 was published May 24, 2022
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of... High Unreviewed
CVE-2021-1474 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to... High Unreviewed
CVE-2021-29667 was published May 24, 2022
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function.... High Unreviewed
CVE-2020-22390 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API