Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

203 advisories

Loading
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote... High Unreviewed
CVE-2023-22877 was published Aug 28, 2023
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results"... Critical Unreviewed
CVE-2020-10131 was published Sep 6, 2023
Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML... Moderate Unreviewed
CVE-2023-43071 was published Oct 5, 2023
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export... High Unreviewed
CVE-2024-25007 was published Apr 4, 2024
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support... High Unreviewed
CVE-2023-25983 was published Nov 15, 2023
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection. High Unreviewed
CVE-2023-31867 was published Jun 22, 2023
IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to... Moderate Unreviewed
CVE-2024-28764 was published May 1, 2024
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users. Moderate Unreviewed
CVE-2019-20180 was published May 24, 2022
The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and... Moderate Unreviewed
CVE-2023-5424 was published Jun 7, 2024
The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up... High Unreviewed
CVE-2023-5527 was published Jun 18, 2024
An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in... Moderate Unreviewed
CVE-2024-27785 was published Jul 9, 2024
A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated... High Unreviewed
CVE-2024-3232 was published Jul 16, 2024
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows... High Unreviewed
CVE-2024-41226 was published Aug 6, 2024
CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in... High Unreviewed
CVE-2024-24337 was published Feb 13, 2024
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... Moderate Unreviewed
CVE-2023-31296 was published Dec 29, 2023
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27321 was published for refuel-autolabel (pip) Sep 12, 2024
Improper Neutralization of Formula Elements in a CSV File in html-2-csv Moderate
CVE-2021-23654 was published for html-to-csv (pip) Nov 30, 2021
KateCatlin
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27320 was published for refuel-autolabel (pip) Sep 12, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute... High Unreviewed
CVE-2021-38963 was published Sep 25, 2024
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an... Moderate Unreviewed
CVE-2024-47485 was published Oct 18, 2024
CSV injection in shuup High
CVE-2021-25962 was published for shuup (pip) Sep 30, 2021
An issue in Snipe-IT v.7.0.13 build 15514 allows a remote attacker to escalate privileges via the... High Unreviewed
CVE-2024-51094 was published Nov 12, 2024
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is... High Unreviewed
CVE-2018-11525 was published May 13, 2022
A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2024-53555 was published Nov 26, 2024
phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to... Moderate Unreviewed
CVE-2024-9102 was published Dec 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database