GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,263
Erlang
31
GitHub Actions
21
Go
2,033
Maven
5,000+
npm
3,732
NuGet
662
pip
3,411
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
176 advisories
Filter by severity
A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via...
High
Unreviewed
CVE-2024-53555
was published
Nov 26, 2024
An issue in Snipe-IT v.7.0.13 build 15514 allows a remote attacker to escalate privileges via the...
High
Unreviewed
CVE-2024-51094
was published
Nov 12, 2024
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an...
Moderate
Unreviewed
CVE-2024-47485
was published
Oct 18, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute...
High
Unreviewed
CVE-2021-38963
was published
Sep 25, 2024
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows...
High
Unreviewed
CVE-2024-41226
was published
Aug 6, 2024
A formula injection vulnerability exists in Tenable Identity Exposure where an authenticated...
High
Unreviewed
CVE-2024-3232
was published
Jul 16, 2024
An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in...
Moderate
Unreviewed
CVE-2024-27785
was published
Jul 9, 2024
The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up...
High
Unreviewed
CVE-2023-5527
was published
Jun 18, 2024
The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and...
Moderate
Unreviewed
CVE-2023-5424
was published
Jun 7, 2024
IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to...
Moderate
Unreviewed
CVE-2024-28764
was published
May 1, 2024
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export...
High
Unreviewed
CVE-2024-25007
was published
Apr 4, 2024
IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0...
High
Unreviewed
CVE-2023-35899
was published
Mar 21, 2024
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7...
Critical
Unreviewed
CVE-2023-47534
was published
Mar 12, 2024
A CWE-1236 “Improper Neutralization of Formula Elements in a CSV File” vulnerability in the ...
Moderate
Unreviewed
CVE-2023-45597
was published
Mar 5, 2024
CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in...
High
Unreviewed
CVE-2024-24337
was published
Feb 13, 2024
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a...
Moderate
Unreviewed
CVE-2023-47022
was published
Feb 6, 2024
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in...
High
Unreviewed
CVE-2022-3604
was published
Jan 16, 2024
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (...
High
Unreviewed
CVE-2023-31295
was published
Dec 29, 2023
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (...
Moderate
Unreviewed
CVE-2023-31296
was published
Dec 29, 2023
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (...
High
Unreviewed
CVE-2023-31294
was published
Dec 29, 2023
Availability Booking Calendar 5.0 allows CSV injection via the unique ID field in the...
High
Unreviewed
CVE-2023-48207
was published
Dec 7, 2023
IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote...
High
Unreviewed
CVE-2023-42004
was published
Nov 28, 2023
Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject...
High
Unreviewed
CVE-2023-48029
was published
Nov 17, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue...
Critical
Unreviewed
CVE-2023-22719
was published
Nov 15, 2023
Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder |...
Critical
Unreviewed
CVE-2023-23796
was published
Nov 15, 2023
ProTip!
Advisories are also available from the
GraphQL API