Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

199 advisories

Loading
A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows... Critical Unreviewed
CVE-2025-56267 was published Sep 8, 2025
Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V (Artprima) AP... High Unreviewed
CVE-2025-58855 was published Sep 5, 2025
There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow... Moderate Unreviewed
CVE-2025-39245 was published Aug 29, 2025
In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula... High Unreviewed
CVE-2022-22121 was published Jan 11, 2022
CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file Moderate Unreviewed
CVE-2025-52386 was published Aug 13, 2025
The AnWP Football Leagues plugin for WordPress is vulnerable to CSV Injection in all versions up... Moderate Unreviewed
CVE-2025-8767 was published Aug 12, 2025
An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to... High Unreviewed
CVE-2025-50572 was published Jul 31, 2025
Multiple versions of PowerCMS improperly neutralize formula elements in a CSV file. If a product... Moderate Unreviewed
CVE-2025-54752 was published Jul 31, 2025
An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through... Critical Unreviewed
CVE-2024-47572 was published Jan 14, 2025
The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up... Moderate Unreviewed
CVE-2025-6838 was published Jul 11, 2025
A vulnerability was found in 1Panel-dev MaxKB up to 1.10.7. It has been declared as critical.... Moderate Unreviewed
CVE-2025-4546 was published May 11, 2025
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a... Moderate Unreviewed
CVE-2023-47022 was published Feb 6, 2024
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in... High Unreviewed
CVE-2022-3604 was published Jan 16, 2024
Data provided in a request performed to the server while activating a new device are put in a... Low Unreviewed
CVE-2025-1421 was published May 21, 2025
Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to... High Unreviewed
CVE-2022-37905 was published Dec 12, 2022
phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to... Moderate Unreviewed
CVE-2024-9102 was published Dec 19, 2024
CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-29375 was published Apr 4, 2024
PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed
CVE-2023-51311 was published Feb 20, 2025
PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed
CVE-2023-51333 was published Feb 20, 2025
PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which... High Unreviewed
CVE-2023-51336 was published Feb 20, 2025
PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows... High Unreviewed
CVE-2023-51319 was published Feb 20, 2025
PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an... High Unreviewed
CVE-2023-51302 was published Feb 19, 2025
PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows... Moderate Unreviewed
CVE-2023-51298 was published Feb 19, 2025
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all... Moderate Unreviewed
CVE-2024-3214 was published Apr 9, 2024
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. High Unreviewed
CVE-2023-46401 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database