Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with 0-day

A curated list of projects in awesome lists tagged with 0-day .

- Recently synced
- Stars

https://github.com/safebreach-labs/back2thefuture

Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.

0-day binary-comparisons defcon29 ida-pro ida-python pattern-matching windows-updates

Last synced: 16 Nov 2024

https://github.com/mbadanoiu/cve-2023-34468

CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi

0-day authenticated cve cve-2023-34468 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/hktalent/createoneminjar

Automatically search for the required class and package it as a jar Create One Min Jar file

0-day 0day build deserialize exp exploit jar java rce tools

Last synced: 19 Nov 2024

https://github.com/mbadanoiu/CVE-2023-34212

CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi

0-day authenticated cve cve-2023-34212 cves remote-code-execution

Last synced: 23 Oct 2024

https://github.com/mbadanoiu/cve-2023-34212

CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi

0-day authenticated cve cve-2023-34212 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/lucabarile/zdi-can-16857

Exploit and report for CVE-2023-32163

0-day 0day bugbounty cve-2023-32163 disclosure elevation-of-privilege exploit local-privilege-escalation logical-vulnerability lpe poc privilege-escalation proof-of-concept vulnerability wacom wacom-driver wacom-vulnerability write-up writeups zdi-can-16857

Last synced: 08 Nov 2024

https://github.com/lucabarile/cve-2022-38604

Exploits and reports for CVE-2022-38604

0-day arbitrary-file-deletion denial-of-service disclosure elevation-of-privilege exploit impersonation link-following link-following-attack local-privilege-escalation mount-point poc proof-of-concept symbolic-link vulnerability wacom wacom-vulnerability windows-denial-of-service write-up zero-day

Last synced: 08 Nov 2024

https://github.com/mbadanoiu/cve-2021-42558

CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera

0-day cross-site-scripting cve cve-2021-42558 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46362

CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS

0-day cve cve-2021-46362 cves server-side-template-injection unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46366

CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS

0-day csrf cve cve-2021-46366 cves open-redirect

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46363

CVE-2021-46363: Formula Injection in Magnolia CMS

0-day authenticated csv-injection cve cve-2021-46363 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8254

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

0-day cve cve-2020-8254 cves remote-code-execution user-interaction zip-slip

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-20253

CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower

0-day cve cve-2021-20253 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-40634

CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

0-day authenticated bypass cve cve-2020-25803 cve-2022-40634 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-34693

CVE-2024-34693: Server Arbitrary File Read in Apache Superset

0-day arbitrary-file-read cve cve-2024-34693 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12641

CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail

0-day cve cve-2020-12641 cves remote-code-execution unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-9849

CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice

0-day bypass cve cve-2019-9849 cves server-side-request-forgery

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-37081

CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

0-day authenticated cve cve-2024-37081 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-22274

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

0-day authenticated cve cve-2024-22274 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-22275

CVE-2024-22275: Partial File Read in VMware vCenter Server

0-day authenticated cve cve-2024-22275 cves file-read

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-51518

CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James

0-day cve cve-2023-51518 cves deserialization local-privilege-escalation pre-authentication

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42562

CVE-2021-42562: Improper Access Control in MITRE Caldera

0-day authenticated cve cve-2021-42562 cves insecure-direct-object-reference

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42561

CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

0-day authenticated cve cve-2021-42561 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/mal-004

MAL-004: Command Injection Bypass for CVE-2020-12641 in Roundcube Webmail

0-day bypass cve-2020-12641 remote-code-execution unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-13965

CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail

0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-10092

CVE-2019-10092: Limited Cross-Site Scripting via "Proxy Error" Page in Apache HTTP Server

0-day cve cve-2019-10092 cves open-redirect user-interaction

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12640

CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail

0-day cve cve-2020-12640 cves local-file-inclusion path-traversal

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12625

CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail

0-day cross-site-scripting cve cve-2020-12625 cves unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/magnolia-8281

MAGNOLIA-8281: FreeMarker Restriction Bypass 2 in Magnolia CMS

0-day authenticated bypass remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/wso2-2020-0731

WSO2-2020-0731: XXE and XSS vulnerabilities in WSO2 Carbon

0-day cross-site-scripting stored-xss wso2-2020-0731 xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/magnolia-8348

MAGNOLIA-8348: FreeMarker Restriction Bypass 3 in Magnolia CMS

0-day authenticated bypass remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-14678

CVE-2019-14678: XML External Entity in SAS XML Mapper

0-day cve cve-2019-14678 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46361

CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS

0-day authenticated bypass cve cve-2021-46361 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46365

CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS

0-day authenticated cve cve-2021-46365 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-20818

CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN

0-day cve cve-2022-20818 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/mal-001

MAL-001: FreeMarker Server-Side Template Injection in Liferay Portal

0-day authenticated bypass cve-2020-13445 server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-24442

CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack

0-day authenticated bypass cve cve-2021-25770 cve-2022-24442 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-1332

CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services

0-day cross-site-scripting cve cve-2019-1332 cves reflected-xss

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-49964

CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco

0-day authenticated bypass cve cve-2020-12873 cve-2023-49964 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-25813

CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz

0-day cve cve-2022-25813 cves remote-code-execution server-side-template-injection user-interaction

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8248

CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client

0-day cve cve-2020-8248 cves local-privilege-escalation wildcard-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8249

CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client

0-day buffer-overflow cve cve-2020-8249 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8250

CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client

0-day command-injection cve cve-2020-8250 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-29063

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

0-day cve cve-2022-29063 cves deserialization local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/mal-003

MAL-003: Groovy Security Bypass and Stored XSS in Apache OfBiz

0-day authenticated bypass cross-site-scripting groovy remote-code-execution stored-xss

Last synced: 19 Nov 2024

https://github.com/lucabarile/cve-2022-43293

Exploit and report for CVE-2022-43293

0-day arbitrary-file-overwrite arbitrary-file-write cng-sys denial-of-service disclosure exploit impersonation link-following link-following-attack mount-point poc proof-of-concept symbolic-link vulnerability wacom wacom-vulnerability windows-denial-of-service write-up zero-day

Last synced: 08 Nov 2024

https://github.com/lucabarile/zdi-can-16318

Exploits and reports for CVE-2023-32162

0-day 0day bugbounty cve-2023-32162 disclosure elevation-of-privilege exploit local-privilege-escalation logical-vulnerability lpe poc privilege-escalation proof-of-concept vulnerability wacom wacom-driver wacom-vulnerability write-up writeups zdi-can-16318

Last synced: 08 Nov 2024

https://github.com/mbadanoiu/cve-2021-42560

CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera

0-day authenticated cve cve-2021-42560 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42559

CVE-2021-42559: Command Injection via Configurations in MITRE Caldera

0-day authenticated cve cve-2021-42559 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-24818

CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools

0-day cve cve-2022-24818 cves deserialization remote-code-execution

Last synced: 13 Nov 2024