GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
197 advisories
The WP-CRM WordPress plugin through 1.2.1 does not validate and sanitise fields when exporting...
High
Unreviewed
CVE-2022-1202 was published Jun 14, 2022
Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra...
High
Unreviewed
CVE-2022-2027 was published Jun 10, 2022
A vulnerability, which was classified as critical, has been found in SevOne Network Management...
High
Unreviewed
CVE-2020-36531 was published Jun 8, 2022
PowerStore SW v2.1.1.0 supports the option to export data to either a CSV or an XLSX file. The...
High
Unreviewed
CVE-2022-26867 was published Jun 3, 2022
A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application...
High
Unreviewed
CVE-2020-26507 was published May 24, 2022
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM...
High
Unreviewed
CVE-2021-22153 was published May 24, 2022
The “Subscribe” feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV...
High
Unreviewed
CVE-2020-25445 was published May 24, 2022
In “SuiteCRM” application, v7.11.18 through v7.11.19 and v7.10.29 through v7.10.31 are affected...
High
Unreviewed
CVE-2021-25960 was published May 24, 2022
A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress...
High
Unreviewed
CVE-2019-17661 was published May 24, 2022
CSV injection in the event-tickets (Event Tickets) plugin before 4.10.7.2 for WordPress exists...
Moderate
Unreviewed
CVE-2019-16120 was published May 24, 2022
IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which could allow a remote...
High
Unreviewed
CVE-2019-4364 was published May 24, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain...
High
Unreviewed
CVE-2021-40848 was published May 24, 2022
The tag interface of Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to an...
High
Unreviewed
CVE-2021-38424 was published May 24, 2022
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some...
High
Unreviewed
CVE-2020-36503 was published May 24, 2022
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An...
Moderate
Unreviewed
CVE-2021-37131 was published May 24, 2022
SAP Business One - version 10.0, allows an attacker to inject formulas when exporting data to...
Critical
Unreviewed
CVE-2021-38180 was published May 24, 2022
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4...
High
Unreviewed
CVE-2021-24016 was published May 24, 2022
Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.
High
Unreviewed
CVE-2021-27020 was published May 24, 2022
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1...
High
Unreviewed
CVE-2021-33256 was published May 24, 2022
A CWE-1236: Improper Neutralization of Formula Elements in a CSV File vulnerability exists in...
High
Unreviewed
CVE-2021-22771 was published May 24, 2022
The Sign-up Sheets WordPress plugin before 1.0.14 does not sanitise or validate the Sheet...
High
Unreviewed
CVE-2021-24441 was published May 24, 2022
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function....
High
Unreviewed
CVE-2020-22390 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to...
High
Unreviewed
CVE-2021-29667 was published May 24, 2022
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of...
High
Unreviewed
CVE-2021-1474 was published May 24, 2022