GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
263 advisories
Filter by severity
CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.
High
Unreviewed
CVE-2020-25398
was published
May 24, 2022
phpMyAdmin through 5.0.2 allows CSV injection via Export Section
High
Unreviewed
CVE-2020-22278
was published
May 24, 2022
JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.
Critical
Unreviewed
CVE-2020-22274
was published
May 24, 2022
WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.
Critical
Unreviewed
CVE-2020-22276
was published
May 24, 2022
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point...
Moderate
Unreviewed
CVE-2020-16214
was published
May 24, 2022
Mattermost Server is vulnerable CSV Injection
Critical
CVE-2017-18900
was published
for
github.com/mattermost/mattermost-server
(Go)
May 24, 2022
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability...
High
Unreviewed
CVE-2020-9347
was published
May 24, 2022
admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi...
Moderate
Unreviewed
CVE-2020-10460
was published
May 24, 2022
The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields...
Moderate
Unreviewed
CVE-2020-9372
was published
May 24, 2022
KeePass 2.4.1 allows CSV injection in the title field of a CSV export.
Moderate
Unreviewed
CVE-2019-20184
was published
May 24, 2022
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users.
Moderate
Unreviewed
CVE-2019-20180
was published
May 24, 2022
Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0...
Moderate
Unreviewed
CVE-2019-11275
was published
May 24, 2022
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey...
Critical
Unreviewed
CVE-2019-16184
was published
May 24, 2022
A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA)...
Moderate
Unreviewed
CVE-2019-6182
was published
May 24, 2022
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula)...
High
Unreviewed
CVE-2019-14749
was published
May 24, 2022
** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists,...
High
Unreviewed
CVE-2019-14352
was published
May 24, 2022
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable...
Critical
Unreviewed
CVE-2019-12765
was published
May 24, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in...
High
Unreviewed
CVE-2019-12134
was published
May 24, 2022
The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it...
High
Unreviewed
CVE-2019-11872
was published
May 24, 2022
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2...
High
Unreviewed
CVE-2019-4071
was published
May 24, 2022
Alkacon OpenCMS CSV Injection via New User module
High
CVE-2019-11819
was published
for
org.opencms:opencms-core
(Maven)
May 24, 2022
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to...
Moderate
Unreviewed
CVE-2018-12244
was published
May 24, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in...
High
Unreviewed
CVE-2018-9106
was published
May 13, 2022
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in...
High
Unreviewed
CVE-2018-9107
was published
May 13, 2022
Open-AudIT before 2.2 has CSV Injection.
Moderate
Unreviewed
CVE-2018-9137
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API