GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
129 advisories
Filter by severity
IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote...
High
Unreviewed
CVE-2019-4364
was published
May 24, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain...
High
Unreviewed
CVE-2021-40848
was published
May 24, 2022
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an...
High
Unreviewed
CVE-2021-38424
was published
May 24, 2022
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some...
High
Unreviewed
CVE-2020-36503
was published
May 24, 2022
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4...
High
Unreviewed
CVE-2021-24016
was published
May 24, 2022
Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.
High
Unreviewed
CVE-2021-27020
was published
May 24, 2022
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1...
High
Unreviewed
CVE-2021-33256
was published
May 24, 2022
A CWE-1236: Improper Neutralization of Formula Elements in a CSV File vulnerability exists in...
High
Unreviewed
CVE-2021-22771
was published
May 24, 2022
The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet...
High
Unreviewed
CVE-2021-24441
was published
May 24, 2022
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function....
High
Unreviewed
CVE-2020-22390
was published
May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to...
High
Unreviewed
CVE-2021-29667
was published
May 24, 2022
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of...
High
Unreviewed
CVE-2021-1474
was published
May 24, 2022
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone...
High
Unreviewed
CVE-2021-24144
was published
May 24, 2022
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2020-19513
was published
May 24, 2022
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker...
High
Unreviewed
CVE-2020-9200
was published
May 24, 2022
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated...
High
Unreviewed
CVE-2020-28845
was published
May 24, 2022
SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts,...
High
Unreviewed
CVE-2020-15301
was published
May 24, 2022
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote...
High
Unreviewed
CVE-2020-4759
was published
May 24, 2022
An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite...
High
Unreviewed
CVE-2020-25170
was published
May 24, 2022
CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.
High
Unreviewed
CVE-2020-25398
was published
May 24, 2022
phpMyAdmin through 5.0.2 allows CSV injection via Export Section
High
Unreviewed
CVE-2020-22278
was published
May 24, 2022
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability...
High
Unreviewed
CVE-2020-9347
was published
May 24, 2022
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,...
High
Unreviewed
CVE-2019-14352
was published
May 24, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in...
High
Unreviewed
CVE-2019-12134
was published
May 24, 2022
The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it...
High
Unreviewed
CVE-2019-11872
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API