Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

127 advisories

Loading
The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it... High Unreviewed
CVE-2019-11872 was published May 24, 2022
A improper neutralization of formula elements in a CSV file vulnerability in Fortinet... High Unreviewed
CVE-2023-25611 was published Mar 7, 2023
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability High
CVE-2023-4006 was published for thorsten/phpmyfaq (Composer) Jul 31, 2023
Embedding untrusted input inside CSV files leads to Formula Injection/CSV Injection High
CVE-2023-2629 was published for pimcore/customer-management-framework-bundle (Composer) May 11, 2023
sampritdas8
Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io... High Unreviewed
CVE-2023-2258 was published Apr 24, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling... High Unreviewed
CVE-2023-3493 was published Jul 1, 2023
Admidio Improper Neutralization of Formula Elements in a CSV File vulnerability High
CVE-2023-3302 was published for admidio/admidio (Composer) Jun 23, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist –... High Unreviewed
CVE-2023-41798 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Pär Thernström Simple... High Unreviewed
CVE-2022-45350 was published Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in AyeCode Ltd UsersWP... High Unreviewed
CVE-2022-47442 was published Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP... High Unreviewed
CVE-2022-38702 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie... High Unreviewed
CVE-2023-23678 was published Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to... High Unreviewed
CVE-2023-36527 was published Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech... High Unreviewed
CVE-2022-46804 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This... High Unreviewed
CVE-2022-45348 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User... High Unreviewed
CVE-2022-45078 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya... High Unreviewed
CVE-2022-41616 was published Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Shambix Simple CSV/XLS... High Unreviewed
CVE-2022-42882 was published Nov 7, 2023
Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject... High Unreviewed
CVE-2023-48029 was published Nov 17, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail & Sarbacane... High Unreviewed
CVE-2022-46821 was published Nov 7, 2023
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote... High Unreviewed
CVE-2023-42004 was published Nov 28, 2023
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the... High Unreviewed
CVE-2023-48207 was published Dec 7, 2023
Duplicate Advisory: ActiveAdmin vulnerable to CSV injection High
GHSA-rqxc-9p8h-xqgq was published for activeadmin (RubyGems) Dec 24, 2023 withdrawn
Potential CSV export data leak High
CVE-2023-50448 was published for activeadmin (RubyGems) Dec 15, 2023
emilong
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... High Unreviewed
CVE-2023-31295 was published Dec 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database