GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,339
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
197 advisories
Filter by severity
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of...
Moderate
Unreviewed
CVE-2021-1475
was published
May 24, 2022
Unvalidated input in the Contact Form 7 Database Addon plugin, versions before 1.2.5.6, was prone...
High
Unreviewed
CVE-2021-24144
was published
May 24, 2022
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be...
Moderate
Unreviewed
CVE-2021-27839
was published
May 24, 2022
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2020-19513
was published
May 24, 2022
There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may...
Moderate
Unreviewed
CVE-2020-9205
was published
May 24, 2022
phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.
Critical
Unreviewed
CVE-2021-3188
was published
May 24, 2022
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker...
High
Unreviewed
CVE-2020-9200
was published
May 24, 2022
OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls...
Moderate
Unreviewed
CVE-2020-28861
was published
May 24, 2022
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated...
High
Unreviewed
CVE-2020-28845
was published
May 24, 2022
SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts,...
High
Unreviewed
CVE-2020-15301
was published
May 24, 2022
IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote...
High
Unreviewed
CVE-2020-4759
was published
May 24, 2022
An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite...
High
Unreviewed
CVE-2020-25170
was published
May 24, 2022
CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.
High
Unreviewed
CVE-2020-25398
was published
May 24, 2022
phpMyAdmin through 5.0.2 allows CSV injection via Export Section
High
Unreviewed
CVE-2020-22278
was published
May 24, 2022
WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.
Critical
Unreviewed
CVE-2020-22276
was published
May 24, 2022
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.
Critical
Unreviewed
CVE-2020-22274
was published
May 24, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point...
Moderate
Unreviewed
CVE-2020-16214
was published
May 24, 2022
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability...
High
Unreviewed
CVE-2020-9347
was published
May 24, 2022
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi...
Moderate
Unreviewed
CVE-2020-10460
was published
May 24, 2022
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields...
Moderate
Unreviewed
CVE-2020-9372
was published
May 24, 2022
KeePass 2.4.1 allows CSV injection in the title field of a CSV export.
Moderate
Unreviewed
CVE-2019-20184
was published
May 24, 2022
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users.
Moderate
Unreviewed
CVE-2019-20180
was published
May 24, 2022
Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0...
Moderate
Unreviewed
CVE-2019-11275
was published
May 24, 2022
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey...
Critical
Unreviewed
CVE-2019-16184
was published
May 24, 2022
A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA)...
Moderate
Unreviewed
CVE-2019-6182
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API