GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
32 advisories
Filter by severity
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7...
Critical
Unreviewed
CVE-2023-47534
was published
Mar 12, 2024
Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder |...
Critical
Unreviewed
CVE-2023-23796
was published
Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue...
Critical
Unreviewed
CVE-2023-22719
was published
Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product...
Critical
Unreviewed
CVE-2022-46802
was published
Nov 13, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage...
Critical
Unreviewed
CVE-2022-45357
was published
Nov 13, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site...
Critical
Unreviewed
CVE-2022-46801
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram...
Critical
Unreviewed
CVE-2022-45810
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX –...
Critical
Unreviewed
CVE-2022-46809
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter...
Critical
Unreviewed
CVE-2022-46803
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter...
Critical
Unreviewed
CVE-2022-45360
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress...
Critical
Unreviewed
CVE-2022-45370
was published
Nov 7, 2023
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results"...
Critical
Unreviewed
CVE-2020-10131
was published
Sep 6, 2023
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list...
Critical
Unreviewed
CVE-2022-3603
was published
Nov 28, 2022
The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output...
Critical
Unreviewed
CVE-2022-3600
was published
Nov 21, 2022
The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when...
Critical
Unreviewed
CVE-2022-3634
was published
Nov 21, 2022
The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the...
Critical
Unreviewed
CVE-2022-3574
was published
Nov 14, 2022
CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Critical
Unreviewed
CVE-2022-27858
was published
Nov 9, 2022
The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when...
Critical
Unreviewed
CVE-2022-3463
was published
Nov 7, 2022
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote...
Critical
Unreviewed
CVE-2022-22425
was published
Nov 4, 2022
The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields...
Critical
Unreviewed
CVE-2022-3393
was published
Oct 25, 2022
SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to...
Critical
Unreviewed
CVE-2021-38180
was published
May 24, 2022
phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.
Critical
Unreviewed
CVE-2021-3188
was published
May 24, 2022
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.
Critical
Unreviewed
CVE-2020-22274
was published
May 24, 2022
WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.
Critical
Unreviewed
CVE-2020-22276
was published
May 24, 2022
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey...
Critical
Unreviewed
CVE-2019-16184
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API