Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Common Vulnerabilities and Exposures (CVE)
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security
- GitHub: https://github.com/topics/cve
- Wikipedia: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
- Last updated: 2024-11-14 00:06:14 UTC
- JSON Representation
https://github.com/cvebase/cvebase.com
cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
cve cybersecurity infosec security vulnerabilities wiki
Last synced: 04 Aug 2024
https://github.com/bishopfox/pwn-pulse
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
cve exploit infosec penetration-testing pentest-scripts pentesting red-team security-tools
Last synced: 04 Aug 2024
https://github.com/foospidy/web-cve-tests
A simple framework for sending test payloads for known web CVEs.
application-sec cve cve-scanning payloads struts tests web
Last synced: 07 Nov 2024
https://github.com/sepehrdaddev/zap-scripts
Zed Attack Proxy Scripts for finding CVEs and Secrets.
cve cve-scanning owasp owasp-zap vulnerability vulnerability-detection vulnerability-scanners zap-plugin zaproxy
Last synced: 04 Aug 2024
https://github.com/Exein-io/kepler
NIST-based CVE lookup store and API powered by Rust.
cve cve-scanning cve-search rust security-tools
Last synced: 03 Nov 2024
https://github.com/forrest-orr/exploits
A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
asm browser c cve cve-2019-17026 cve-2020-0674 exploit firefox ie ionmonkey js jscript ms12-037 ms13-008 ms14-051 poc shellcode uaf windows wpad
Last synced: 16 Oct 2024
https://github.com/Twigonometry/Cybersecurity-Notes
My Markdown notes for all things cybersecurity
cheat-sheets ctf-writeups cve cybersecurity cybersecurity-notes hacking hackthebox hackthebox-writeups obsidian obsidian-vault scripting writeups
Last synced: 05 Aug 2024
https://github.com/yardenshafir/CVE-2020-1034
PoC demonstrating the use of cve-2020-1034 for privilege escalation
cve exploit poc privilege-escalation vulnerability windows
Last synced: 04 Aug 2024
https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC
cve exploit proof-of-concept vulnerability
Last synced: 04 Aug 2024
https://github.com/CLincat/vulcat
vulcat可用于扫描Web端常见的CVE、CNVD等编号的漏洞,发现漏洞时会返回Payload信息。部分漏洞还支持命令行交互模式,可以持续利用漏洞
cnvd cnvd-2021-28277 cve cve-2018-7602 cve-2019-15642 cve-2020-10204 cve-2020-9483 cve-2021-21234 cve-2021-22205 cve-2021-3223 cve-2021-35042 cve-2021-42013 cve-2021-43798 cve-2022-1388 cve-2022-26134 exp poc scanner security vulnerability
Last synced: 04 Aug 2024
https://github.com/olbat/nvdcve
NVD/CVE as JSON files
cve vulnerability-identification
Last synced: 24 Oct 2024
https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce
Zimbra <9.0.0.p27 RCE
cpio cve cve-2022-41352 python3 rce zimbra
Last synced: 04 Aug 2024
https://github.com/spiderlabs/cve_server
Simple REST-style web service for the CVE searching
api api-rest api-server cpe cve cve-server cvss cvssv2 cvssv3 database nvd ruby
Last synced: 12 Nov 2024
https://github.com/SpiderLabs/cve_server
Simple REST-style web service for the CVE searching
api api-rest api-server cpe cve cve-server cvss cvssv2 cvssv3 database nvd ruby
Last synced: 04 Aug 2024
https://github.com/vfeedio/pyvfeed
Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
capec cve cwe exploits oval python-api scap threat-database threat-intelligence vulnerability-databases vulnerability-management vulnerability-scanners
Last synced: 01 Nov 2024
https://github.com/pwnedshell/Bugs-feed
Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
bugbounty cve hacking python scrapping vulnerabilities
Last synced: 04 Aug 2024
https://github.com/wuhan005/CVE-2022-30781
🍵 Gitea repository migration remote command execution exploit.
cve cve-2022-30781 exploit gitea
Last synced: 23 Oct 2024
https://github.com/wuhan005/cve-2022-30781
🍵 Gitea repository migration remote command execution exploit.
cve cve-2022-30781 exploit gitea
Last synced: 07 Nov 2024
https://github.com/tobor88/PowerShell-Blue-Team
Collection of PowerShell functinos and scripts a Blue Teamer might use
blue-team blue-teams blueteam cve cve-search defense dns-over-https doh powershell powershell-blue-team
Last synced: 01 Nov 2024
https://github.com/ckotzbauer/vulnerability-operator
Scans SBOMs for vulnerabilities with Grype
cve grype kubernetes policyreport sbom security vulnerabilities
Last synced: 26 Oct 2024
https://github.com/sickcodes/security
Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
advisories bugs cve cwe mitre security vulnerabilities
Last synced: 28 Oct 2024
https://github.com/acceis/exploit-cve-2023-23752
Joomla! < 4.2.8 - Unauthenticated information disclosure
cve cve-2023-23752 exploit information-disclosure joomla vulnerability
Last synced: 06 Nov 2024
https://github.com/karthikuj/cve-2022-42889-text4shell-docker
Dockerized POC for CVE-2022-42889 Text4Shell
act4shell apache commons cve cve-2022-42889 poc text4shell
Last synced: 27 Oct 2024
https://github.com/p0dalirius/cve-2021-43008-adminerread
Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability
adminer bugbounty cve cve-2021-43008 exploit file hacking pentest read tool vulnerability
Last synced: 29 Oct 2024
https://github.com/AppThreat/vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
advisories cli cve database nvd purl sca vers vulnerability-database vulnerability-detection
Last synced: 14 Nov 2024
https://github.com/mufeedvh/cve-2019-8449
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
cve cve-2019-8449 cve-exploit exploit exploit-code exploit-database exploitdb exploiting-vulnerabilities exploits jira jira-api jira-issue jira-rest-api vulnerability
Last synced: 22 Oct 2024
https://github.com/luijait/pwnkit-exploit
Proof of Concept (PoC) CVE-2021-4034
base64 c cve cve-2021-4034 exploit hacking linux offensive-security offsec pentesting poc polkit proof-of-concept pwnkit security
Last synced: 07 Nov 2024
https://github.com/luijait/PwnKit-Exploit
Proof of Concept (PoC) CVE-2021-4034
base64 c cve cve-2021-4034 exploit hacking linux offensive-security offsec pentesting poc polkit proof-of-concept pwnkit security
Last synced: 23 Oct 2024
https://github.com/righel/ms-exchange-version-nse
Nmap script to detect a Microsoft Exchange instance version with OWA enabled.
cve cve-scanning microsoft-exchange nmap nmap-script nse proxyshell vulnerabilities
Last synced: 04 Aug 2024
https://github.com/Warxim/CVE-2022-41852
CVE-2022-41852 Proof of Concept (unofficial)
cve cve-2022-41852 hacking jxpath penetration-testing pentesting proof-of-concept rce remote-code-execution security vulnerability
Last synced: 23 Oct 2024
https://github.com/wjlin0/CVE-2024-23897
CVE-2024-23897 - Jenkins 任意文件读取 利用工具
Last synced: 10 Sep 2024
https://github.com/PalindromeLabs/Java-Deserialization-CVEs
Compiled dataset of Java deserialization CVEs
cve deserialization java-deserialization security
Last synced: 04 Aug 2024
https://github.com/nextcloud/security-advisories
👮 Security advisories of Nextcloud
cve nextcloud security security-advisories
Last synced: 07 Oct 2024
https://github.com/mchmarny/vimp
Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
artifact container cve gcp grype registry snyk trivy vulnerability
Last synced: 08 Nov 2024
https://github.com/ForceFledgling/CVE-2023-22518
Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥
atlassian atlassian-confluence attack backdoor confluence critical cve exploit exploiting hacking hacking-tool improper python shell vulnerabilities vulnerability
Last synced: 11 Nov 2024
https://github.com/moloch--/cve-2016-1764
Extraction of iMessage Data via XSS
cve exploit imessage security vulnerability xss
Last synced: 08 Nov 2024
https://github.com/sloria/sphinx-issues
A Sphinx extension for linking to your project's issue tracker
changelog cve documentation github issues prs python sphinx sphinx-extension
Last synced: 14 Nov 2024
https://github.com/jpiechowka/jenkins-cve-2016-0792
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
cve cve-2016-0792 deserialization exploit jenkins-serialization-vulnerability python serialization vulnerability vulnerability-detection
Last synced: 04 Aug 2024
https://github.com/reconmap/rest-api
REST API backend for Reconmap
api cve hacktoberfest ipe nmap pentesting reconnaissance secdevops security vulnerability
Last synced: 11 Nov 2024
https://github.com/S1lkys/CVE-2020-15906
Writeup of CVE-2020-15906
cve cve-2020-15906 exploit exploitation
Last synced: 04 Aug 2024
https://github.com/prestascan/prestascansecurity
PrestaScan Security is a PrestaShop module allowing you to scan your PrestaShop website to identify malware and known vulnerabilities in PrestaShop core and modules.
cve prestashop prestashop-free-module prestashop-module security security-tools vulnerability-scanners
Last synced: 10 Oct 2024
https://github.com/HackerDev-Felix/Phoenix-Framework
Phoenix Framework Project
cve exploit exploits infosec poc vulnerabilities vulnerability vulnerability-scanners
Last synced: 04 Aug 2024
https://github.com/stevespringett/vulndb-data-mirror
A simple Java command-line utility to mirror the entire contents of VulnDB.
appsec cve java sca software-composition-analysis software-security vulndb
Last synced: 08 Nov 2024
https://github.com/jgamblin/cvelk
Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
Last synced: 11 Nov 2024
https://github.com/jacksongl/npm-vuln-poc
Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
cve javascript node-js npm proof-of-concept security vulnerabilities
Last synced: 01 Nov 2024
https://github.com/beyarz/cve-api
Unofficial api for cve.mitre.org
api cve cve-search dockerfile parse real-time ruby self-hosted selfhosted sinatra
Last synced: 27 Oct 2024
https://github.com/Kira-Pgr/Github-CVE-Listener
无需服务器的GitHub实时漏洞利用工具监听器,目前支持微信/TG推送,中文版(https://github.com/Kira-Pgr/Github-CVE-Listener/blob/main/README_ZH.md)
cve github telegram-bot wechat
Last synced: 04 Aug 2024
https://github.com/lylemi/dom-vuln-db
A collection of Browser DOM Vulnerabilities with PoCs
browser browser-dom-vulnerabilities cve
Last synced: 03 Aug 2024
https://github.com/charmve/pystegosploit
PoC - Exploit Delivery via Steganography and Polyglots, CVE-2014-0282
browser-exploits charmve cve decoder encoded-images exp exploits html-png-polyglot jpeg jpg jpg-html-polyglot poc steganography stego xss-vulnerability
Last synced: 11 Oct 2024
https://github.com/jmousqueton/github-cve-monitor
Github action for monitoring CVE
cve cybersecurity github-actions python
Last synced: 10 Nov 2024
https://github.com/hackinghippo/log4shell_ioc_ips
log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)
cve cve-2021-44228 ioc list log4j log4shell shell4log
Last synced: 04 Aug 2024
https://github.com/m3n0sd0n4ld/ucve
uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.
cve go golang hacking-tool mitre nist report reporting vulnerabilities
Last synced: 13 Nov 2024
https://github.com/yuriisanin/CVE-2022-24342
PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication
csrf cve cve-2022-24342 exploit jetbrains teamcity vulnerability
Last synced: 23 Oct 2024
https://github.com/merrychap/poc-exploits
:unlock: Vulnerability Research and Proof of Concept exploits for various targets
cve exploit exploitation poc proof-of-concept pwn vulnerabilities vulnerability
Last synced: 12 Oct 2024
https://github.com/err0r-ica/whatspayloadrce
Whatsapp Automatic Payload Generator [CVE-2019-11932]
cve exploit hacking hacking-tools linux payload termux whatsapp whatsapp-chat
Last synced: 14 Oct 2024
https://github.com/Josexv1/CVE-2022-27925
Zimbra CVE-2022-27925 PoC
cve cve-2022-27925 exploit poc zimbra
Last synced: 23 Oct 2024
https://github.com/r3dxpl0it/CVE-2018-4407
IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]
attack blueteam cve cyber-security cybersecurity denial-of-service exploit hacking hacking-tool ios macos network penetration-testing poc redteam security
Last synced: 10 Nov 2024
https://github.com/hrbrmstr/cisa-known-exploited-vulns
Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list
archiver cisa cve cvss cwe exploited in-the-wild kev triage vulnerabilities vulnerability
Last synced: 11 Oct 2024
https://github.com/devmatic-it/debcvescan
Debian CVE Scanner is self-contained CVE scanner for DEBIAN distributions written in golang.
cve debian go golang security-scanner vulnerabilities
Last synced: 15 Nov 2024
https://github.com/mauricelambert/cve-2022-21907
CVE-2022-21907: detection, protection, exploitation and demonstration. Exploitation: Powershell, Python, Ruby, NMAP and Metasploit. Detection and protection: Powershell. Demonstration: Youtube.
bluescreen crash cve cve-2022-21907 denial-of-service detection dos exploit iis metasploit microsoft nmap payload powershell protection python3 ruby vulnerability webserver
Last synced: 14 Nov 2024
https://github.com/nullarray/pyparser-cve
Multi source CVE/exploit parser.
cve infosec osint parser penetration-testing pentest pentest-tool vulnerabilities
Last synced: 14 Oct 2024
https://github.com/danielruf/snyk-js-jquery-174006
patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428
cve cve-2019-11358 cve-2019-5428 jquery patch snyk snyk-js-jquery-174006
Last synced: 11 Oct 2024
https://github.com/zapalm/prestashop-security-vulnerability-checker
PrestaShop security vulnerability checker for known vulnerabilities.
cve hacktoberfest php-library prestashop security vulnerability
Last synced: 10 Oct 2024
https://github.com/3ndg4me/cve-2020-3452-exploit
Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.
bash cisco cve cve-2020-3452 exploit hacktoberfest shell vulnerability
Last synced: 29 Oct 2024
https://github.com/lucthienphong1120/aio-pentesting
All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester
all-in-one cve enumeration exploitation guide hacker hacking library methodology nmap oscp oscp-cheatsheet penetration-testing pentest pentest-tools pentesting privilege-escalation reconnaissance vulnerability
Last synced: 08 Nov 2024
https://github.com/ElNiak/PANTHER
This tool presents a novel approach to bolstering network protocol verification by integrating the Shadow network simulator with the Ivy formal verification tool to check time properties. Furthermore, it extends Ivy’s capabilities with a dedicated time module, enabling the verification of complex quantitative-time properties.
apt cve docker docker-compose formal-methods formal-verification ivy protocol protocol-tester quic reproducible-research simulator test-automation testing testing-tools tests time-proof transport-layer-protocol
Last synced: 26 Sep 2024
https://github.com/p1ckzi/CVE-2022-22965
spring4shell | CVE-2022-22965
cve cve-2022-22965 exploit pentesting spring-framework tomcat
Last synced: 23 Oct 2024
https://github.com/p1ckzi/cve-2022-22965
spring4shell | CVE-2022-22965
cve cve-2022-22965 exploit pentesting spring-framework tomcat
Last synced: 11 Oct 2024
https://github.com/daedalus/misc
misc scripts
aes android bitcoin bitshuffling compression crypto cryptography cve hash hashing kdbx luks machine-learning mmap performance qrcode rc4 shodan totp zram
Last synced: 29 Oct 2024
https://github.com/0xdea/advisories
A collection of my public security advisories.
Last synced: 29 Oct 2024
https://github.com/cedricbonhomme/freshermeat
An open source software directory and release tracker.
cve cve-search freshmeat release-tracking software-directory
Last synced: 06 Nov 2024
https://github.com/briandfoy/cpan-security-advisory
CPAN Security Advisory Database
Last synced: 14 Nov 2024
https://github.com/gwen001/detectify-cves
Find CVEs that don't have a Detectify modules.
bugbounty cve detectify pentesting scanner security-tools
Last synced: 09 Nov 2024
https://github.com/friends-of-presta/security-advisories
Security advisories of the FOP security team for prestashop
Last synced: 10 Oct 2024
https://github.com/oppsec/pwnfaces
😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
cve cve-2017-1000486 elinjection exploit golang linux primefaces redteam
Last synced: 08 Nov 2024
https://github.com/danielruf/snyk-js-jquery-565129
patches for SNYK-JS-JQUERY-565129, SNYK-JS-JQUERY-567880, CVE-2020-1102, CVE-2020-11023, includes the patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428
cve cve-2019-11358 cve-2019-5428 cve-2020-11022 cve-2020-11023 jquery patch snyk snyk-js-jquery-174006 snyk-js-jquery-565129 snyk-js-jquery-567880
Last synced: 11 Oct 2024
https://github.com/blackarrowsec/advisories
Advisories and Proofs of Concept by BlackArrow
cve proof-of-concept security-advisories
Last synced: 08 Nov 2024
https://github.com/goncalor/cve-ark
All published CVE and their recent changes, ready to be used by humans and machines
cve security security-vulnerability
Last synced: 04 Aug 2024
https://github.com/codeb0ss/cve-2023-24489-poc
CVE-2023-24489 PoC & Exploiter
citrix-rce cve cve-2023 cve-2023-24489 cve-2023-24489-poc cve-2023-24489-rce kurdish kurdistan rce remote remote-code-execution
Last synced: 13 Nov 2024
https://github.com/stealthcopter/CVE-2020-28243
CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion
cve cve-2020-28243 privilege-escalation saltstack saltstack-minion
Last synced: 23 Oct 2024
https://github.com/briandfoy/cpan-audit
Check CPAN modules for known security vulnerabilities
cve perl perl-module perl-tool security security-audit
Last synced: 14 Oct 2024
https://github.com/stealthcopter/cve-2020-28243
CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion
cve cve-2020-28243 privilege-escalation saltstack saltstack-minion
Last synced: 10 Oct 2024
https://github.com/jakub-przepiora/ps-scan-prestashop-scanner
This tool serves as an initial version scanner specifically designed for PrestaShop, a popular e-commerce platform. The primary purpose of the scanner is to analyze PrestaShop instances for various aspects, such as module information, version details, and potential security vulnerabilities.
cve prestashop security security-tools
Last synced: 10 Oct 2024
https://github.com/edoardottt/nuclei-cve-gpt
[experiment] Generate Nuclei templates for CVEs using chatGPT
chatgpt cve cve-exploit cve-search exploit gpt nuclei nuclei-templates openai projectdiscovery red-team security security-tools
Last synced: 28 Oct 2024
https://github.com/p0dalirius/cve-2022-30780-lighttpd-denial-of-service
CVE-2022-30780 - lighttpd remote denial of service
cve cve-2022-30780 denial exploit lighttpd pentest remote service
Last synced: 29 Oct 2024
https://github.com/CnHack3r/Penetration_PoC
FROM:@Mr-xn 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
bypass cms-exploits cms-framework cobaltstrike cve exploit rce sql-scanner
Last synced: 23 Oct 2024
https://github.com/Malwareman007/CVE-2022-30206
A POC of CVE-2022-30206
cve cve-2022-30206 microsoft print-spooler privileges security vulnerability windows
Last synced: 23 Oct 2024
https://github.com/maikuolan/vulnerability-charts
Some simple charts for listing CVSS by version for various packages.
charts cve cvss hhvm php phpmyadmin python vulnerabilities vulnerability
Last synced: 28 Oct 2024
https://github.com/r3drun3/cyberhall
🛡️ 🌐 🥷🏻 Everything CyberSecurity Related 🏴☠️ 👾 🕵🏾
ctf cve cybersecurity devsecops hacking infosec secops vapt
Last synced: 09 Nov 2024
https://github.com/infertux/sysechk
System Security Checker is a bundle of small shell scripts to assess your computer security.
cve cve-scanning security security-checker shell
Last synced: 31 Oct 2024
https://github.com/squareslab/semanticcrashbucketing
Semantic Crash Bucketing
bug-fixing crashing-inputs cve fixes fuzzing security
Last synced: 12 Nov 2024