GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,029
Maven
5,000+
npm
3,731
NuGet
662
pip
3,408
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
32 advisories
Filter by severity
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results"...
Critical
Unreviewed
CVE-2020-10131
was published
Sep 6, 2023
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey...
Critical
Unreviewed
CVE-2019-16184
was published
May 24, 2022
** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins...
Critical
Unreviewed
CVE-2018-15474
was published
May 13, 2022
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7...
Critical
Unreviewed
CVE-2023-47534
was published
Mar 12, 2024
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress...
Critical
Unreviewed
CVE-2022-45370
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter...
Critical
Unreviewed
CVE-2022-45360
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram...
Critical
Unreviewed
CVE-2022-45810
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site...
Critical
Unreviewed
CVE-2022-46801
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue...
Critical
Unreviewed
CVE-2023-22719
was published
Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder |...
Critical
Unreviewed
CVE-2023-23796
was published
Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX –...
Critical
Unreviewed
CVE-2022-46809
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter...
Critical
Unreviewed
CVE-2022-46803
was published
Nov 7, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage...
Critical
Unreviewed
CVE-2022-45357
was published
Nov 13, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product...
Critical
Unreviewed
CVE-2022-46802
was published
Nov 13, 2023
CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Critical
Unreviewed
CVE-2022-27858
was published
Nov 9, 2022
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable...
Critical
Unreviewed
CVE-2019-12765
was published
May 24, 2022
The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when...
Critical
Unreviewed
CVE-2022-3634
was published
Nov 21, 2022
The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output...
Critical
Unreviewed
CVE-2022-3600
was published
Nov 21, 2022
The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list...
Critical
Unreviewed
CVE-2022-3603
was published
Nov 28, 2022
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote...
Critical
Unreviewed
CVE-2022-22425
was published
Nov 4, 2022
CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension...
Critical
Unreviewed
CVE-2018-9035
was published
May 13, 2022
An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv...
Critical
Unreviewed
CVE-2018-20752
was published
May 13, 2022
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject...
Critical
Unreviewed
CVE-2018-11652
was published
May 13, 2022
The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when...
Critical
Unreviewed
CVE-2022-3463
was published
Nov 7, 2022
The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields...
Critical
Unreviewed
CVE-2022-3393
was published
Oct 25, 2022
ProTip!
Advisories are also available from the
GraphQL API