Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

226 advisories

Loading
Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A... Moderate Unreviewed
CVE-2021-36334 was published Nov 24, 2021
A CWE-1236 “Improper Neutralization of Formula Elements in a CSV File” vulnerability in the ... Moderate Unreviewed
CVE-2023-45597 was published Mar 5, 2024
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7... Critical Unreviewed
CVE-2023-47534 was published Mar 12, 2024
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,... High Unreviewed
CVE-2019-14352 was published May 24, 2022
IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0... High Unreviewed
CVE-2023-35899 was published Mar 21, 2024
** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins... Critical Unreviewed
CVE-2018-15474 was published May 13, 2022
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1... High Unreviewed
CVE-2021-33256 was published May 24, 2022
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to... Moderate Unreviewed
CVE-2018-12244 was published May 24, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in... High Unreviewed
CVE-2019-12134 was published May 24, 2022
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey... Critical Unreviewed
CVE-2019-16184 was published May 24, 2022
Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0... Moderate Unreviewed
CVE-2019-11275 was published May 24, 2022
The SAP Application Interface Framework (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE... Moderate Unreviewed
CVE-2023-29109 was published Apr 11, 2023
ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and... High Unreviewed
CVE-2023-25348 was published Apr 25, 2023
Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to... High Unreviewed
CVE-2023-33410 was published Jun 5, 2023
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in... High Unreviewed
CVE-2023-0721 was published Jun 9, 2023
Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the... Moderate Unreviewed
CVE-2022-46408 was published Jun 29, 2023
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection... High Unreviewed
CVE-2023-28958 was published Jul 10, 2023
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web... Moderate Unreviewed
CVE-2023-3527 was published Jul 19, 2023
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website... High Unreviewed
CVE-2022-28864 was published Jul 24, 2023
Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File High Unreviewed
CVE-2023-37219 was published Jul 30, 2023
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted... High Unreviewed
CVE-2023-38843 was published Aug 17, 2023
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote... High Unreviewed
CVE-2023-22877 was published Aug 28, 2023
SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results"... Critical Unreviewed
CVE-2020-10131 was published Sep 6, 2023
Dell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML... Moderate Unreviewed
CVE-2023-43071 was published Oct 5, 2023
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export... High Unreviewed
CVE-2024-25007 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database