Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

127 advisories

Loading
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an... High Unreviewed
CVE-2021-38424 was published May 24, 2022
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some... High Unreviewed
CVE-2020-36503 was published May 24, 2022
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4... High Unreviewed
CVE-2021-24016 was published May 24, 2022
Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export. High Unreviewed
CVE-2021-27020 was published May 24, 2022
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1... High Unreviewed
CVE-2021-33256 was published May 24, 2022
A CWE-1236: Improper Neutralization of Formula Elements in a CSV File vulnerability exists in... High Unreviewed
CVE-2021-22771 was published May 24, 2022
The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet... High Unreviewed
CVE-2021-24441 was published May 24, 2022
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function.... High Unreviewed
CVE-2020-22390 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to... High Unreviewed
CVE-2021-29667 was published May 24, 2022
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of... High Unreviewed
CVE-2021-1474 was published May 24, 2022
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone... High Unreviewed
CVE-2021-24144 was published May 24, 2022
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary... High Unreviewed
CVE-2020-19513 was published May 24, 2022
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker... High Unreviewed
CVE-2020-9200 was published May 24, 2022
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated... High Unreviewed
CVE-2020-28845 was published May 24, 2022
SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts,... High Unreviewed
CVE-2020-15301 was published May 24, 2022
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote... High Unreviewed
CVE-2020-4759 was published May 24, 2022
An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite... High Unreviewed
CVE-2020-25170 was published May 24, 2022
CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. High Unreviewed
CVE-2020-25398 was published May 24, 2022
phpMyAdmin through 5.0.2 allows CSV injection via Export Section High Unreviewed
CVE-2020-22278 was published May 24, 2022
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability... High Unreviewed
CVE-2020-9347 was published May 24, 2022
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,... High Unreviewed
CVE-2019-14352 was published May 24, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in... High Unreviewed
CVE-2019-12134 was published May 24, 2022
The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it... High Unreviewed
CVE-2019-11872 was published May 24, 2022
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2... High Unreviewed
CVE-2019-4071 was published May 24, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in... High Unreviewed
CVE-2018-9106 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database