Vulnerabilities > Improper Neutralization of Formula Elements in a CSV File
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-25983 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Liquidweb KB Support Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84. | 8.8 |
| 2023-09-06 | CVE-2020-10131 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Searchblox SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter. | 9.8 |
| 2023-08-28 | CVE-2023-22877 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. | 8.8 |
| 2023-08-17 | CVE-2023-38843 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Atlos 1.0 An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function. | 8.0 |
| 2023-07-30 | CVE-2023-37219 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Tadirantele Aeonix Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV File | 7.8 |
| 2023-07-24 | CVE-2022-28864 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Nokia Netact 22.0.0.62 An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. | 8.8 |
| 2023-07-18 | CVE-2023-3527 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Avaya Call Management System 17.0/18.0.0.1/18.0.0.2 A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to open the file by a spreadsheet software such as Microsoft Excel. | 6.8 |
| 2023-07-10 | CVE-2023-28958 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Watson Knowledge Catalog on Cloud PAK for Data 4.0 IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. | 7.8 |
| 2023-06-29 | CVE-2022-46408 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2 Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. | 6.8 |
| 2023-06-22 | CVE-2023-31867 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Sage X3 12.14.0.500 Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection. | 7.2 |