Projects in Awesome Lists tagged with cves
A curated list of projects in awesome lists tagged with cves .
https://github.com/OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
automation bruteforce cve cves hacking-tools information-gathering network-analysis owasp penetration-testing penetration-testing-framework pentesting pentesting-tools portscanner python scanner security security-tools vulnerability-management vulnerability-scanner vulnerability-scanners
Last synced: 23 Mar 2025
https://github.com/peass-ng/botpeass
Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
bot cve cves monitoring peass privesc slack telegram
Last synced: 09 Apr 2025
https://github.com/tg12/poc_cves
PoC_CVEs
cve cve-2020-0796 cve-2021-44228 cve-scanning cve-search cves poc
Last synced: 25 Mar 2025
https://github.com/lightswitch05/php-version-audit
Audit your PHP version for known CVEs and patches
audit composer-package cves docker-image hacktoberfest php php-library php-security security security-audit security-scanner
Last synced: 08 Apr 2025
https://github.com/mbadanoiu/cve-2024-22274
CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server
0-day authenticated cve cve-2024-22274 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/coinbase/salus
We would like to request that all contributors please clone a *fresh copy* of this repository since the September 21st maintenance.
audit brakeman circleci coinbase cves golang gosec js npm ruby-on-rails salus security-scanner security-scanners security-tools static-analysis yarn
Last synced: 09 Apr 2025
https://github.com/lightswitch05/node-version-audit
Audit your Node version for known CVEs and patches
audit cve-scanning cves docker-image node node-js nodejs npm-package security security-audit security-scanner security-tools
Last synced: 21 Mar 2025
https://github.com/inspektre/vulnhub
Search NVD locally
automation cpe cve cves cwe graphql neo4j nist nvd vulnerabilities
Last synced: 19 Nov 2024
https://github.com/mbadanoiu/cve-2024-37081
CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server
0-day authenticated cve cve-2024-37081 cves local-privilege-escalation
Last synced: 01 Mar 2025
https://github.com/p1ckzi/cve-2012-5519
cups-root-file-read.sh | CVE-2012-5519
cups-root-file-read cve cve-2012-5519 cves exploit hacking pentesting-tools
Last synced: 14 Apr 2025
https://github.com/mbadanoiu/cve-2024-34693
CVE-2024-34693: Server Arbitrary File Read in Apache Superset
0-day arbitrary-file-read cve cve-2024-34693 cves
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2023-49964
CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco
0-day authenticated bypass cve cve-2020-12873 cve-2023-49964 cves remote-code-execution server-side-template-injection
Last synced: 01 Mar 2025
https://github.com/mindpatch/latestpocs
Latest PoC exploit & Writeups
cves pentesting poc proof-of-concept security
Last synced: 12 Jan 2025
https://github.com/mbadanoiu/cve-2023-34468
CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi
0-day authenticated cve cve-2023-34468 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/CVE-2023-34212
CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
0-day authenticated cve cve-2023-34212 cves remote-code-execution
Last synced: 10 Mar 2025
https://github.com/checkpointsw-community/sourceguard
Very detailed how-to utilize SourceGuard
Last synced: 28 Mar 2025
https://github.com/mbadanoiu/cve-2023-34212
CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
0-day authenticated cve cve-2023-34212 cves deserialization remote-code-execution
Last synced: 01 Mar 2025
https://github.com/codeb0ss/cve-2023-27034-exploit
Mass Exploit - CVE-2023-27034
2023-poc codeb0ss codeboss codeboss-team cve cve-2023 cve-2023-27034 cve-2023-27034-exp cve-2023-27034-exploit cve-2023-27034-poc cve-poc cves hackerone prestashop
Last synced: 06 Apr 2025
https://github.com/mbadanoiu/cve-2023-26269
CVE-2023-26269: Misconfigured JMX in Apache James
0-day cve cve-2023-26269 cves local-privilege-escalation mlet unauthenticated
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2024-22275
CVE-2024-22275: Partial File Read in VMware vCenter Server
0-day authenticated cve cve-2024-22275 cves file-read
Last synced: 01 Mar 2025
https://github.com/p1ckzi/CVE-2012-5519
cups-root-file-read.sh | CVE-2012-5519
cups-root-file-read cve cve-2012-5519 cves exploit hacking pentesting-tools
Last synced: 10 Mar 2025
https://github.com/whitehatboy005/json2yaml-cve
JSON2YAML is a Python-based utility that simplifies the process of converting CVE (Common Vulnerabilities and Exposures) data from JSON format into well-structured YAML files. This tool allows security analysts and developers to easily manage, analyze, and integrate CVE data into their vulnerability management systems.
convertor cves json json2yaml nuclei-templates python3 template
Last synced: 01 Feb 2025
https://github.com/mbadanoiu/cve-2021-20253
CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower
0-day cve cve-2021-20253 cves local-privilege-escalation
Last synced: 01 Mar 2025
https://github.com/cosasdepuma/cve-research
🔬 My own CVEs
cve cve-report cve-research cve-search cves security-research
Last synced: 11 Mar 2025
https://github.com/mbadanoiu/cve-2022-29063
CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz
0-day cve cve-2022-29063 cves deserialization local-privilege-escalation
Last synced: 01 Mar 2025
https://github.com/password123456/cves
High-risk CVEs that may require verification and impact analysis.
cve-scanning cve-search cves vulnerability-database-entry vulnerability-identification
Last synced: 21 Feb 2025
https://github.com/mbadanoiu/cve-2021-46364
CVE-2021-46364: YAML Deserialization in Magnolia CMS
0-day authenticated cve cve-2021-46364 cves deserialization remote-code-execution
Last synced: 01 Mar 2025
https://github.com/1franck/cvepack
Tool to detect vulnerabilities in packages.
cve-scanning cves security-tools vulnerabilities
Last synced: 29 Mar 2025
https://github.com/mbadanoiu/cve-2023-51518
CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James
0-day cve cve-2023-51518 cves deserialization local-privilege-escalation pre-authentication
Last synced: 01 Mar 2025
https://github.com/dmdhrumilmistry/cves
List of CVEs found by dmdhrumilmistry
cve cve-2024-22513 cves django-rest-framework hacking jwt jwt-auth jwt-token
Last synced: 25 Mar 2025
https://github.com/mbadanoiu/cve-2022-40634
CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS
0-day authenticated bypass cve cve-2020-25803 cve-2022-40634 cves remote-code-execution server-side-template-injection
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-46366
CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS
0-day csrf cve cve-2021-46366 cves open-redirect
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-42562
CVE-2021-42562: Improper Access Control in MITRE Caldera
0-day authenticated cve cve-2021-42562 cves insecure-direct-object-reference
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2022-20818
CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN
0-day cve cve-2022-20818 cves local-privilege-escalation
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-8254
CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client
0-day cve cve-2020-8254 cves remote-code-execution user-interaction zip-slip
Last synced: 01 Mar 2025
https://github.com/abhijithaj/dorset_smartlock_vulnerability
This repository is for Dorset_SmartLock_vulnerability. CVE-2025-25650 is suggested by MITRE which is yet to confirm.
cve cves dorset hardware-security nfc-tag rfid smart-home-devices smart-home-solutions smart-lock smart-locks vapt-report vulnerability
Last synced: 26 Mar 2025
https://github.com/mbadanoiu/cve-2021-46363
CVE-2021-46363: Formula Injection in Magnolia CMS
0-day authenticated csv-injection cve cve-2021-46363 cves
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2023-40037
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
0-day authenticated bypass cve cve-2023-34212 cve-2023-34468 cve-2023-40037 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-12640
CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail
0-day cve cve-2020-12640 cves local-file-inclusion path-traversal
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2019-1332
CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services
0-day cross-site-scripting cve cve-2019-1332 cves reflected-xss
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/CVE-2023-40037
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
Last synced: 10 Mar 2025
https://github.com/mbadanoiu/CVE-2021-46364
CVE-2021-46364: YAML Deserialization in Magnolia CMS
Last synced: 10 Mar 2025
https://github.com/4m3rr0r/poc-finder
CVE Checker is a simple Go program that allows you to retrieve information about Common Vulnerabilities and Exposures (CVEs) from GitHub repositories.
cve cves github-poc go poc poc-finder
Last synced: 29 Mar 2025
https://github.com/madret/vuln_checker
Search for vulnerabilites in software or hardware and grab actionable CVE information.
advisories cve cve-search cve-searchsploit cves cves-finder database exploit exploits hardware known nist nvd poc powershell software vulnerabilities vulnerability vulnerability-research vulnerable
Last synced: 05 Mar 2025
https://github.com/mbadanoiu/cve-2022-41678
CVE-2022-41678: Dangerous MBeans Accessible via Jolokia API in Apache ActiveMQ
0-day authenticated cve cve-2022-41678 cves log4jmx remote-code-execution
Last synced: 23 Mar 2025
https://github.com/mbadanoiu/cve-2021-42558
CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera
0-day cross-site-scripting cve cve-2021-42558 cves
Last synced: 01 Mar 2025
https://github.com/ekletony/cybervuln-ml
Machine Learning-based Categorization of Cybersecurity Vulnerabilities - IEEE UEMCON 2024
cves cybersecurity machine-learning nlp vulnerability-detection
Last synced: 08 Apr 2025
https://github.com/mbadanoiu/CVE-2023-26269
CVE-2023-26269: Misconfigured JMX in Apache James
Last synced: 10 Mar 2025
https://github.com/vrikodar/cve-2003-0264_exploit
Buffer Overflow in Seattle Lab Mail (SLmail) 5.5 - POP3
buffer-overflow buffer-overflow-attack cve-2003-0264 cves exploit-development memory-corruption stack-based stack-overflow
Last synced: 19 Feb 2025
https://github.com/mbadanoiu/cve-2021-42561
CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera
0-day authenticated cve cve-2021-42561 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-42559
CVE-2021-42559: Command Injection via Configurations in MITRE Caldera
0-day authenticated cve cve-2021-42559 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2022-24818
CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools
0-day cve cve-2022-24818 cves deserialization remote-code-execution
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2019-10092
CVE-2019-10092: Limited Cross-Site Scripting via "Proxy Error" Page in Apache HTTP Server
0-day cve cve-2019-10092 cves open-redirect user-interaction
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2019-9849
CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice
0-day bypass cve cve-2019-9849 cves server-side-request-forgery
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-13965
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-12625
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-12625 cves unauthenticated
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-12641
CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail
0-day cve cve-2020-12641 cves remote-code-execution unauthenticated
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-46361
CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS
0-day authenticated bypass cve cve-2021-46361 cves remote-code-execution server-side-template-injection
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-42560
CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera
0-day authenticated cve cve-2021-42560 cves xxe
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2019-14678
CVE-2019-14678: XML External Entity in SAS XML Mapper
0-day cve cve-2019-14678 cves xxe
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-46362
CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS
0-day cve cve-2021-46362 cves server-side-template-injection unauthenticated
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2021-46365
CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS
0-day authenticated cve cve-2021-46365 cves xxe
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2022-25813
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
0-day cve cve-2022-25813 cves remote-code-execution server-side-template-injection user-interaction
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2022-24442
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
0-day authenticated bypass cve cve-2021-25770 cve-2022-24442 cves remote-code-execution server-side-template-injection
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-8249
CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client
0-day buffer-overflow cve cve-2020-8249 cves local-privilege-escalation
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-8250
CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client
0-day command-injection cve cve-2020-8250 cves local-privilege-escalation
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/cve-2020-8248
CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client
0-day cve cve-2020-8248 cves local-privilege-escalation wildcard-injection
Last synced: 01 Mar 2025