GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

33 advisories

Filter by severity

Sort by

Least recently updated

A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7... Critical Unreviewed

CVE-2023-47534 was published Mar 12, 2024

Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder |... Critical Unreviewed

CVE-2023-23796 was published Nov 15, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue... Critical Unreviewed

CVE-2023-22719 was published Nov 15, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage... Critical Unreviewed

CVE-2022-45357 was published Nov 13, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product... Critical Unreviewed

CVE-2022-46802 was published Nov 13, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram... Critical Unreviewed

CVE-2022-45810 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter... Critical Unreviewed

CVE-2022-46803 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site... Critical Unreviewed

CVE-2022-46801 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX –... Critical Unreviewed

CVE-2022-46809 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress... Critical Unreviewed

CVE-2022-45370 was published Nov 7, 2023

Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter... Critical Unreviewed

CVE-2022-45360 was published Nov 7, 2023

SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results"... Critical Unreviewed

CVE-2020-10131 was published Sep 6, 2023

The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list... Critical Unreviewed

CVE-2022-3603 was published Nov 28, 2022

The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output... Critical Unreviewed

CVE-2022-3600 was published Nov 21, 2022

The Contact Form 7 Database Addon WordPress plugin before 1.2.6.5 does not validate data when... Critical Unreviewed

CVE-2022-3634 was published Nov 21, 2022

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the... Critical Unreviewed

CVE-2022-3574 was published Nov 14, 2022

CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress. Critical Unreviewed

CVE-2022-27858 was published Nov 9, 2022

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when... Critical Unreviewed

CVE-2022-3463 was published Nov 7, 2022

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote... Critical Unreviewed

CVE-2022-22425 was published Nov 4, 2022

The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields... Critical Unreviewed

CVE-2022-3393 was published Oct 25, 2022

SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to... Critical Unreviewed

CVE-2021-38180 was published May 24, 2022

phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports. Critical Unreviewed

CVE-2021-3188 was published May 24, 2022

WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. Critical Unreviewed

CVE-2020-22276 was published May 24, 2022

JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. Critical Unreviewed

CVE-2020-22274 was published May 24, 2022

A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey... Critical Unreviewed

CVE-2019-16184 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

33 advisories