Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Common Vulnerabilities and Exposures (CVE)

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security

https://github.com/muchdogesec/cti_knowledge_base_store

A repository that stores CTI Knowledge-bases in versioned STIX 2.1 Bundles.

cpe cve disarm mitre-attack mitre-capec mitre-cwe nvd sigma-rules stix2 stix2-extensions yara yara-rules

Last synced: 12 Nov 2024

https://github.com/momenbasel/naggets

old CTF I've made sharing it publicly.

ctf ctf-challenges ctf-platform ctf-playground cve exploit nagios

Last synced: 15 Nov 2024

https://github.com/ppxl/harbor-cve-finder

Comfortably find CVEs in your Harbor container image registry

container cve harbor-registry registry

Last synced: 13 Oct 2024

https://github.com/sa7mon/vulnchest

A collection of vulnerable applications for research purposes

bugbounty cve infosec

Last synced: 12 Nov 2024

https://github.com/shadawck/scabi

Implement vulnerabilities scanning on top of package management system like apt, pip, composer...

cve dependencies mitre ossindex package-manager python scanner security security-audit security-tools vulnerability

Last synced: 15 Nov 2024

https://github.com/s9ra16bf4/exploits

Proof-of-concept for known security issues

cve cve-2019-13623 exploit exploits ghidra golang

Last synced: 08 Nov 2024

https://github.com/l0nax/CVE-2019-15053

(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053

cve cve-2019-15053 exploit poc proof-of-concept vulnerability

Last synced: 23 Oct 2024

https://github.com/richlamdev/dependabot-slack

Github Dependabot Alert Scraper with Send to Slack Channel Option, Software Composition Analysis, Vulnerabilty Management, Patching, Supply Chain Security

api cve cvss cvss3 dependabot github patching python rest-api sca scaper supplychain vulnerability-management

Last synced: 23 Oct 2024

https://github.com/postmodern/nvd-json_feeds.rb

Provides a Ruby API to NVD JSON Feeds.

cve feeds gem json nvd parser ruby

Last synced: 14 Nov 2024

https://github.com/mauricelambert/cve-2021-41773

These Metasploit, Nmap, Python and Ruby scripts detects and exploits CVE-2021-41773 with RCE and local file disclosure.

cve cve-2021-41773 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 14 Nov 2024

https://github.com/raul23/equifax-data-breach

Researching the 2017 Equifax data breach. Saving important notes about this infamous case.

apache attribution cve data-breach equifax java network-intrusion notes vulnerability

Last synced: 14 Nov 2024

https://github.com/travispaul/node-nvd-search

(Unofficial) node module to fetch, cache, and perform offline search of the NIST National Vulnerability Database.

cve nvd

Last synced: 05 Nov 2024

https://github.com/mauricelambert/cve-2021-42013

These Nmap, Python and Ruby scripts detects and exploits CVE-2021-42013 with RCE and local file disclosure.

cve cve-2021-42013 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 14 Nov 2024

https://github.com/peiwithhao/hacker-university-of-peiwithhao

peiwithhao's learning journey in network/system security

archlinux course cve fuzzing linux-kernel linux-kernel-module university

Last synced: 12 Oct 2024

https://github.com/SherlockSec/CVE-2020-0601

A Windows Crypto Exploit

cve cve-2020-0601 exploit windows

Last synced: 23 Oct 2024

https://github.com/brayanhenao/cve-notifications-app

It is an application that monitors new CVEs that are announced for the dependencies that are being tracked and notify them via Slack Webhook message to a specific channel.

cve go slack

Last synced: 08 Nov 2024

https://github.com/vollkorntomate/cvedash

CVEs on a Dashboard

cve dashboard nvd

Last synced: 18 Oct 2024

https://github.com/spamixofficial/cve-2023-38831

CVE-2023-38831 Proof-of-concept code

cve cve-2023-38831 poc proof-of-concept rust

Last synced: 06 Nov 2024

https://github.com/shamo0/CVE-2022-1388

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC

1388 2022 bash bigip cve cve-2022-1388 exploit f5 icontrol python rest script shell vulnerabilit

Last synced: 23 Oct 2024

https://github.com/whokilleddb/CVE-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 23 Oct 2024

https://github.com/michaelpgalen/CVE-DataVis-Prototype-JS

A vanilla javascript prototype for a React data visualization project.

cve data-visualization vanilla-javascript vanilla-js

Last synced: 23 Oct 2024

https://github.com/sneezry/vscode-cve

Show security alert for vulnerable dependencies of Node projects

audit cve nodejs vscode-extension

Last synced: 17 Oct 2024

https://github.com/ariary/CVE-2021-25741

πŸͺ„ Instant shell on kubernetes node with CVE-2021-25741 exploit adaptation

cve hostpath infosec k8s-security kubernetes poc

Last synced: 23 Oct 2024

https://github.com/codeb0ss/webshell_executor

Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.

0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet

Last synced: 13 Nov 2024

https://github.com/swapravo/cvesploit

Find SearchSploit exploits by CVE-IDs / dpkg status file

cve exploits searchsploit

Last synced: 23 Oct 2024

https://github.com/password123456/nvd-cve-database

The Common Vulnerabilities Exposures (CVE) Database

cve nvd vulnerability-databases vulnerability-identification

Last synced: 08 Nov 2024

https://github.com/Sneezry/vscode-cve

Show security alert for vulnerable dependencies of Node projects

audit cve nodejs vscode-extension

Last synced: 23 Oct 2024

https://github.com/SpamixOfficial/CVE-2023-38831

CVE-2023-38831 Proof-of-concept code

cve cve-2023-38831 poc proof-of-concept rust

Last synced: 23 Oct 2024

https://github.com/whokilleddb/cve-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 08 Nov 2024

https://github.com/anthonyharrison/cvss

Utilities for manipulating CVSS vulnerability metric

cve cvss cvssv3 metrics security vulnerability-assessment

Last synced: 07 Nov 2024

https://github.com/codeb0ss/cve-2023-20073-

Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]

0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router

Last synced: 13 Nov 2024

https://github.com/codeb0ss/cve-2023-39143

CVE-2023-39143 < PaperCut < Path Traversal (PT)

0day codeb0ss codeboss cve cve-2023-39143 exploiter hackerone papercut

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42560

CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera

0-day authenticated cve cve-2021-42560 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42559

CVE-2021-42559: Command Injection via Configurations in MITRE Caldera

0-day authenticated cve cve-2021-42559 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-24818

CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools

0-day cve cve-2022-24818 cves deserialization remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42558

CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera

0-day cross-site-scripting cve cve-2021-42558 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46362

CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS

0-day cve cve-2021-46362 cves server-side-template-injection unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46366

CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS

0-day csrf cve cve-2021-46366 cves open-redirect

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46363

CVE-2021-46363: Formula Injection in Magnolia CMS

0-day authenticated csv-injection cve cve-2021-46363 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8254

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

0-day cve cve-2020-8254 cves remote-code-execution user-interaction zip-slip

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-20253

CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower

0-day cve cve-2021-20253 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-40634

CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

0-day authenticated bypass cve cve-2020-25803 cve-2022-40634 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-34693

CVE-2024-34693: Server Arbitrary File Read in Apache Superset

0-day arbitrary-file-read cve cve-2024-34693 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12641

CVE-2020-12641: Command Injection via β€œ_im_convert_path” Parameter in Roundcube Webmail

0-day cve cve-2020-12641 cves remote-code-execution unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-9849

CVE-2019-9849: Remote bullet graphics retrieved in β€œstealth mode” in LibreOffice

0-day bypass cve cve-2019-9849 cves server-side-request-forgery

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-37081

CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

0-day authenticated cve cve-2024-37081 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-22274

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

0-day authenticated cve cve-2024-22274 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-22275

CVE-2024-22275: Partial File Read in VMware vCenter Server

0-day authenticated cve cve-2024-22275 cves file-read

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-51518

CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James

0-day cve cve-2023-51518 cves deserialization local-privilege-escalation pre-authentication

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42562

CVE-2021-42562: Improper Access Control in MITRE Caldera

0-day authenticated cve cve-2021-42562 cves insecure-direct-object-reference

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42561

CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

0-day authenticated cve cve-2021-42561 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-13965

CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail

0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-10092

CVE-2019-10092: Limited Cross-Site Scripting via "Proxy Error" Page in Apache HTTP Server

0-day cve cve-2019-10092 cves open-redirect user-interaction

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12640

CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail

0-day cve cve-2020-12640 cves local-file-inclusion path-traversal

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12625

CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail

0-day cross-site-scripting cve cve-2020-12625 cves unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-14678

CVE-2019-14678: XML External Entity in SAS XML Mapper

0-day cve cve-2019-14678 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46361

CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS

0-day authenticated bypass cve cve-2021-46361 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46365

CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS

0-day authenticated cve cve-2021-46365 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-20818

CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN

0-day cve cve-2022-20818 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-24442

CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack

0-day authenticated bypass cve cve-2021-25770 cve-2022-24442 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-1332

CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services

0-day cross-site-scripting cve cve-2019-1332 cves reflected-xss

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-29063

CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz

0-day cve cve-2022-29063 cves deserialization local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46364

CVE-2021-46364: YAML Deserialization in Magnolia CMS

cve cve-2021-46364 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-49964

CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco

0-day authenticated bypass cve cve-2020-12873 cve-2023-49964 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-25813

CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz

0-day cve cve-2022-25813 cves remote-code-execution server-side-template-injection user-interaction

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8248

CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client

0-day cve cve-2020-8248 cves local-privilege-escalation wildcard-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8249

CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client

0-day buffer-overflow cve cve-2020-8249 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8250

CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client

0-day command-injection cve cve-2020-8250 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-40037

CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi

cve cve-2023-40037 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-26269

CVE-2023-26269: Misconfigured JMX in Apache James

cve cve-2023-26269 cves

Last synced: 13 Nov 2024

https://github.com/mauricelambert/exchangeweaknesstest

This script test the CVE-2021-26855 vulnerability on Exchange Server.

cve exchange microsoft python3 security security-tools

Last synced: 14 Nov 2024

https://github.com/mchmarny/vul

End-to-end solution for tracking image vulnerabilities over time using most popular open source scanners (e.g. grype, snyk, trivy).

container cve exposure vulnerability

Last synced: 08 Nov 2024

https://github.com/mauricelambert/cve-2021-21985

This script check the CVE-2021-21985 vulnerability and patch on vCenter Server.

cve cve-2021-21985 python3 security security-scan vcenter

Last synced: 14 Nov 2024

https://github.com/password123456/analyzed-cvelist

New CVEs requiring verification and analysis, Everyday

cve cve-advisory cve-alert cve-finding cve-list cve-scanning cve-search

Last synced: 08 Nov 2024

https://github.com/athiththan11/wso2-cve-extractor

CLI Tool to extract the related WSO2 Security Advisory information of CVE

cve scraper wso2

Last synced: 08 Nov 2024

https://github.com/vincentscode/cve-2024-34313

☣️ This repository contains the description and a proof of concept for CVE-2024-34313

cve security-research

Last synced: 13 Nov 2024

https://github.com/cty12/concurrency-exploits

A collection of concurrency bugs & exploits

bug concurrency cve exploit

Last synced: 23 Oct 2024

https://github.com/steake/cve-tracker

Track latest CVE PoCs on Github and Gitlab.

cve cve-tracker cve-tracking exploit github gitlab tracker

Last synced: 30 Oct 2024

https://github.com/vincentscode/cve-2024-34312

☣️ This repository contains the description and a proof of concept for CVE-2024-34312

cve security-research

Last synced: 13 Nov 2024