GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,196
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,283
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,203

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

182 advisories

Filter by severity

Sort by

Least recently updated

Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary... High Unreviewed

CVE-2020-19513 was published May 24, 2022

There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may... Moderate Unreviewed

CVE-2020-9205 was published May 24, 2022

phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports. Critical Unreviewed

CVE-2021-3188 was published May 24, 2022

There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker... High Unreviewed

CVE-2020-9200 was published May 24, 2022

OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls... Moderate Unreviewed

CVE-2020-28861 was published May 24, 2022

A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated... High Unreviewed

CVE-2020-28845 was published May 24, 2022

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts,... High Unreviewed

CVE-2020-15301 was published May 24, 2022

IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable to CVS Injection. A remote... High Unreviewed

CVE-2020-4759 was published May 24, 2022

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite... High Unreviewed

CVE-2020-25170 was published May 24, 2022

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. High Unreviewed

CVE-2020-25398 was published May 24, 2022

phpMyAdmin through 5.0.2 allows CSV injection via Export Section High Unreviewed

CVE-2020-22278 was published May 24, 2022

WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. Critical Unreviewed

CVE-2020-22276 was published May 24, 2022

JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. Critical Unreviewed

CVE-2020-22274 was published May 24, 2022

Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point... Moderate Unreviewed

CVE-2020-16214 was published May 24, 2022

Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability... High Unreviewed

CVE-2020-9347 was published May 24, 2022

admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi... Moderate Unreviewed

CVE-2020-10460 was published May 24, 2022

The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields... Moderate Unreviewed

CVE-2020-9372 was published May 24, 2022

KeePass 2.4.1 allows CSV injection in the title field of a CSV export. Moderate Unreviewed

CVE-2019-20184 was published May 24, 2022

The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users. Moderate Unreviewed

CVE-2019-20180 was published May 24, 2022

Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0... Moderate Unreviewed

CVE-2019-11275 was published May 24, 2022

A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey... Critical Unreviewed

CVE-2019-16184 was published May 24, 2022

A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA)... Moderate Unreviewed

CVE-2019-6182 was published May 24, 2022

** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,... High Unreviewed

CVE-2019-14352 was published May 24, 2022

An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable... Critical Unreviewed

CVE-2019-12765 was published May 24, 2022

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in... High Unreviewed

CVE-2019-12134 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

182 advisories