Common Vulnerabilities and Exposures (CVE)
The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security.
- GitHub: https://github.com/topics/cve
- Wikipedia: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
- Last updated: 2025-04-23 00:06:53 UTC
https://github.com/cveproject/automation-working-group
CVE Automation Working Group
Last synced: 04 Mar 2025
https://github.com/Vulnogram/Vulnogram
Vulnogram is a tool for creating and editing CVE information in CVE JSON format
cve cve-json cvss cvssv3 cwe json nvd security security-automation security-tools security-vulnerability vulnerability
Last synced: 11 Nov 2024
https://github.com/yevh/vulnplanet
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
android api application-security appsec-tutorials appsecurity bugbounty code codesecurity cve ios owasp owasp-top-10 pentesting poc security vulnerabilities vulnerability waf web2 web3
Last synced: 26 Feb 2025
https://github.com/dotPY-hax/gitlab_RCE
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
ctf cve cve-2018-19571 cve-2018-19585 cve-2020-10977 exploit gitlab gitlab-rce lfi rce
Last synced: 21 Nov 2024
https://github.com/tg12/poc_cves
PoC_CVEs
cve cve-2020-0796 cve-2021-44228 cve-scanning cve-search cves poc
Last synced: 25 Mar 2025
https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC
CVE 2021-21315 PoC
cve cybersecurity infosec injection nodejs offensive-security pentesting proof-of-concept redteaming research vulnerabilities vulnerability
Last synced: 21 Nov 2024
https://github.com/symfonycorp/security-checker-action
The PHP Security Checker
Last synced: 06 Apr 2025
https://github.com/yevh/VulnPlanet
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
android api application-security appsec-tutorials appsecurity bugbounty code codesecurity cve ios owasp owasp-top-10 pentesting poc security vulnerabilities vulnerability waf web2 web3
Last synced: 31 Dec 2024
https://github.com/jmousqueton/poc-cve-2022-30190
POC CVE-2022-30190 : CVE 0-day MS Office RCE aka msdt follina
cve follina msoffice poc proof-of-concept rce vulnerability
Last synced: 10 Nov 2024
https://github.com/trimstray/massh-enum
OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
accounts cve cve-2018-15473 enumeration openssh ssh users vulnerability
Last synced: 18 Nov 2024
https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc
A script to automate privilege escalation with CVE-2023-22809 vulnerability
cve cve-2023-22809 exploit privesc script sudo sudoedit vulnerability
Last synced: 02 Jan 2025
https://github.com/ossf-cve-benchmark/ossf-cve-benchmark
The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
benchmark cve open-source security vulnerability
Last synced: 14 Nov 2024
https://github.com/cvebase/cvebase.com
cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
cve cybersecurity infosec security vulnerabilities wiki
Last synced: 21 Nov 2024
https://github.com/bishopfox/pwn-pulse
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
cve exploit infosec penetration-testing pentest-scripts pentesting red-team security-tools
Last synced: 19 Apr 2025
https://github.com/foospidy/web-cve-tests
A simple framework for sending test payloads for known web CVEs.
application-sec cve cve-scanning payloads struts tests web
Last synced: 12 Apr 2025
https://github.com/Exein-io/kepler
NIST-based CVE lookup store and API powered by Rust.
cve cve-scanning cve-search rust security-tools
Last synced: 02 Apr 2025
https://github.com/Twigonometry/Cybersecurity-Notes
My Markdown notes for all things cybersecurity
cheat-sheets ctf-writeups cve cybersecurity cybersecurity-notes hacking hackthebox hackthebox-writeups obsidian obsidian-vault scripting writeups
Last synced: 23 Nov 2024
https://github.com/sepehrdaddev/zap-scripts
Zed Attack Proxy Scripts for finding CVEs and Secrets.
cve cve-scanning owasp owasp-zap vulnerability vulnerability-detection vulnerability-scanners zap-plugin zaproxy
Last synced: 21 Nov 2024
https://github.com/exein-io/kepler
NIST-based CVE lookup store and API powered by Rust.
cve cve-scanning cve-search rust security-tools
Last synced: 18 Jan 2025
https://github.com/yardenshafir/cve-2020-1034
PoC demonstrating the use of cve-2020-1034 for privilege escalation
cve exploit poc privilege-escalation vulnerability windows
Last synced: 14 Apr 2025
https://github.com/Patrowl/PatrowlHearsData
Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
cpe cve cve-scanning cwe exploit vulnerabilities vulnerability-identification
Last synced: 18 Jan 2025
https://github.com/forrest-orr/exploits
A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.
asm browser c cve cve-2019-17026 cve-2020-0674 exploit firefox ie ionmonkey js jscript ms12-037 ms13-008 ms14-051 poc shellcode uaf windows wpad
Last synced: 15 Apr 2025
https://github.com/thekingofduck/sbcve
An occasional record of garbage CVE vulnerabilities that I wasted time paying attention to.
cve cve-scanning cve-search shit
Last synced: 09 Mar 2025
https://github.com/yardenshafir/CVE-2020-1034
PoC demonstrating the use of cve-2020-1034 for privilege escalation
cve exploit poc privilege-escalation vulnerability windows
Last synced: 21 Nov 2024
https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC
cve exploit proof-of-concept vulnerability
Last synced: 21 Nov 2024
https://github.com/CLincat/vulcat
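vulcat can be used to scan for common web vulnerabilities with CVE, CNVD and similar identifiers, and returns the payload information when a vulnerability is found. Some vulnerabilities also support an interactive command-line mode for continued exploitation.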
cnvd cnvd-2021-28277 cve cve-2018-7602 cve-2019-15642 cve-2020-10204 cve-2020-9483 cve-2021-21234 cve-2021-22205 cve-2021-3223 cve-2021-35042 cve-2021-42013 cve-2021-43798 cve-2022-1388 cve-2022-26134 exp poc scanner security vulnerability
Last synced: 21 Nov 2024
https://github.com/olbat/nvdcve
NVD/CVE as JSON files
cve vulnerability-identification
Last synced: 05 Apr 2025
https://github.com/aigptcode/wordpress-auto-admin-account-and-reverse-shell-cve-2024-27956
WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries
android backdoor backdoors cve exploit hack hacking html nuclei nuclei-templates php ransomware rce reverse-shell shell website windows wordpress wordpress-plugin
Last synced: 11 Apr 2025
https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce
Zimbra <9.0.0.p27 RCE
cpio cve cve-2022-41352 python3 rce zimbra
Last synced: 21 Nov 2024
https://github.com/spiderlabs/cve_server
Simple REST-style web service for the CVE searching
api api-rest api-server cpe cve cve-server cvss cvssv2 cvssv3 database nvd ruby
Last synced: 12 Nov 2024
https://github.com/vfeedio/pyvfeed
Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
capec cve cwe exploits oval python-api scap threat-database threat-intelligence vulnerability-databases vulnerability-management vulnerability-scanners
Last synced: 30 Mar 2025
https://github.com/SpiderLabs/cve_server
Simple REST-style web service for the CVE searching
api api-rest api-server cpe cve cve-server cvss cvssv2 cvssv3 database nvd ruby
Last synced: 21 Nov 2024
https://github.com/pwnedshell/Bugs-feed
Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
bugbounty cve hacking python scrapping vulnerabilities
Last synced: 21 Nov 2024
https://github.com/nollium/cve-2024-9264
Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)
authenticated cve cve-2024-9264 exploit file-read-vulnerability grafana poc rce rce-exploit security vulnerability
Last synced: 06 Apr 2025
https://github.com/sickcodes/security
Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
advisories bugs cve cwe mitre security vulnerabilities
Last synced: 24 Mar 2025
https://github.com/wuhan005/cve-2022-30781
🍵 Gitea repository migration remote command execution exploit.
cve cve-2022-30781 exploit gitea
Last synced: 19 Feb 2025
https://github.com/wuhan005/CVE-2022-30781
🍵 Gitea repository migration remote command execution exploit.
cve cve-2022-30781 exploit gitea
Last synced: 10 Mar 2025
https://github.com/tobor88/PowerShell-Blue-Team
Collection of PowerShell functions and scripts a Blue Teamer might use
blue-team blue-teams blueteam cve cve-search defense dns-over-https doh powershell powershell-blue-team
Last synced: 30 Mar 2025
https://github.com/acceis/exploit-cve-2023-23752
Joomla! < 4.2.8 - Unauthenticated information disclosure
cve cve-2023-23752 exploit information-disclosure joomla vulnerability
Last synced: 08 Apr 2025
https://github.com/ckotzbauer/vulnerability-operator
Scans SBOMs for vulnerabilities with Grype
cve grype kubernetes policyreport sbom security vulnerabilities
Last synced: 06 Apr 2025
https://github.com/p0dalirius/cve-2021-43008-adminerread
Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability
adminer bugbounty cve cve-2021-43008 exploit file hacking pentest read tool vulnerability
Last synced: 30 Dec 2024
https://github.com/chocapikk/cve-2023-6553
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
cve cve-2023-6553 cybersecurity exploit hacking infosec php python rce security security-research vulnerability wordpress
Last synced: 19 Apr 2025
https://github.com/righel/ms-exchange-version-nse
Nmap script to detect a Microsoft Exchange instance version with OWA enabled.
cve cve-scanning microsoft-exchange nmap nmap-script nse proxyshell vulnerabilities
Last synced: 21 Nov 2024
https://github.com/karthikuj/cve-2022-42889-text4shell-docker
Dockerized POC for CVE-2022-42889 Text4Shell
act4shell apache commons cve cve-2022-42889 poc text4shell
Last synced: 18 Mar 2025
https://github.com/wjlin0/cve-2024-23897
CVE-2024-23897 - Jenkins arbitrary file read exploitation tool
Last synced: 15 Mar 2025
https://github.com/AppThreat/vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
advisories cli cve database nvd purl sca vers vulnerability-database vulnerability-detection
Last synced: 14 Nov 2024
https://github.com/Orange-Cyberdefense/CVE-repository
:beetle: Repository of CVE found by OCD people
advisory cve exploit exploits vulnerabilities vulnerability
Last synced: 22 Feb 2025
https://github.com/wjlin0/CVE-2024-23897
CVE-2024-23897 - Jenkins arbitrary file read exploitation tool
Last synced: 02 Jan 2025
https://github.com/mufeedvh/cve-2019-8449
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
cve cve-2019-8449 cve-exploit exploit exploit-code exploit-database exploitdb exploiting-vulnerabilities exploits jira jira-api jira-issue jira-rest-api vulnerability
Last synced: 09 Mar 2025
https://github.com/luijait/PwnKit-Exploit
Proof of Concept (PoC) CVE-2021-4034
base64 c cve cve-2021-4034 exploit hacking linux offensive-security offsec pentesting poc polkit proof-of-concept pwnkit security
Last synced: 10 Mar 2025
https://github.com/luijait/pwnkit-exploit
Proof of Concept (PoC) CVE-2021-4034
base64 c cve cve-2021-4034 exploit hacking linux offensive-security offsec pentesting poc polkit proof-of-concept pwnkit security
Last synced: 11 Apr 2025
https://github.com/Warxim/CVE-2022-41852
CVE-2022-41852 Proof of Concept (unofficial)
cve cve-2022-41852 hacking jxpath penetration-testing pentesting proof-of-concept rce remote-code-execution security vulnerability
Last synced: 10 Mar 2025
https://github.com/nextcloud/security-advisories
👮 Security advisories of Nextcloud
cve nextcloud security security-advisories
Last synced: 28 Feb 2025
https://github.com/al1ex/cve-2021-27928
CVE-2021-27928 MariaDB/MySQL 'wsrep provider' command injection vulnerability
Last synced: 11 Apr 2025
https://github.com/mchmarny/vimp
Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.
artifact container cve gcp grype registry snyk trivy vulnerability
Last synced: 15 Apr 2025
https://github.com/PalindromeLabs/Java-Deserialization-CVEs
Compiled dataset of Java deserialization CVEs
cve deserialization java-deserialization security
Last synced: 21 Nov 2024
https://github.com/prestascan/prestascansecurity
PrestaScan Security is a PrestaShop module allowing you to scan your PrestaShop website to identify malware and known vulnerabilities in PrestaShop core and modules.
cve prestashop prestashop-free-module prestashop-module security security-tools vulnerability-scanners
Last synced: 10 Apr 2025
https://github.com/dgtlss/warden
A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email
cve laravel laravel-framework laravel-package laravel-security laravel-security-checker php php8 security security-tools vulnerabilities vulnerability vulnerability-scanners warden
Last synced: 05 Apr 2025
https://github.com/eqstlab/cve-2024-5932
Proof-of-Concept for CVE-2024-5932
cve cve-2024-5932 exploit givewp object-injection php poc proof-of-concept security vulnerability
Last synced: 10 Feb 2025
https://github.com/moloch--/cve-2016-1764
Extraction of iMessage Data via XSS
cve exploit imessage security vulnerability xss
Last synced: 14 Apr 2025
https://github.com/ForceFledgling/CVE-2023-22518
Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥
atlassian atlassian-confluence attack backdoor confluence critical cve exploit exploiting hacking hacking-tool improper python shell vulnerabilities vulnerability
Last synced: 11 Nov 2024
https://github.com/jpiechowka/jenkins-cve-2016-0792
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
cve cve-2016-0792 deserialization exploit jenkins-serialization-vulnerability python serialization vulnerability vulnerability-detection
Last synced: 21 Nov 2024
https://github.com/eqstlab/cve-2024-46538
PfSense Stored XSS leading to Arbitrary Code Execution exploit
cve cve-2024-46538 exploit pfsense php poc proof-of-concept security vulnerability
Last synced: 25 Mar 2025
https://github.com/reconmap/rest-api
REST API backend for Reconmap
api cve hacktoberfest ipe nmap pentesting reconnaissance secdevops security vulnerability
Last synced: 09 Apr 2025
https://github.com/zeyad-azima/cve-2024-27348
Apache HugeGraph Server RCE Scanner ( CVE-2024-27348 )
apache cve cve-scanning exploit vulnerability vulnerability-scanners
Last synced: 09 Feb 2025
https://github.com/S1lkys/CVE-2020-15906
Writeup of CVE-2020-15906
cve cve-2020-15906 exploit exploitation
Last synced: 21 Nov 2024
https://github.com/mr-xn/cve-2024-36401
Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multiple ways to exploit
cve cve-2024-36401 geoserver poc rce vulnerabilities
Last synced: 22 Mar 2025
https://github.com/s1lkys/cve-2020-15906
Writeup of CVE-2020-15906
cve cve-2020-15906 exploit exploitation
Last synced: 14 Dec 2024
https://github.com/jacksongl/npm-vuln-poc
Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
cve javascript node-js npm proof-of-concept security vulnerabilities
Last synced: 19 Dec 2024
https://github.com/stevespringett/vulndb-data-mirror
A simple Java command-line utility to mirror the entire contents of VulnDB.
appsec cve java sca software-composition-analysis software-security vulndb
Last synced: 19 Dec 2024
https://github.com/jgamblin/cvelk
Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
Last synced: 11 Nov 2024
https://github.com/HackerDev-Felix/Phoenix-Framework
Phoenix Framework Project
cve exploit exploits infosec poc vulnerabilities vulnerability vulnerability-scanners
Last synced: 21 Nov 2024
https://github.com/beyarz/cve-api
Unofficial api for cve.mitre.org
api cve cve-search dockerfile parse real-time ruby self-hosted selfhosted sinatra
Last synced: 17 Mar 2025
https://github.com/Kira-Pgr/Github-CVE-Listener
A serverless real-time GitHub listener for exploit tools, currently supporting WeChat/TG push notifications; Chinese version (https://github.com/Kira-Pgr/Github-CVE-Listener/blob/main/README_ZH.md)
cve github telegram-bot wechat
Last synced: 21 Nov 2024
https://github.com/mr-xn/cve-2022-40127
Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC
Last synced: 22 Mar 2025
https://github.com/lylemi/dom-vuln-db
A collection of Browser DOM Vulnerabilities with PoCs
browser browser-dom-vulnerabilities cve
Last synced: 18 Nov 2024
https://github.com/charmve/pystegosploit
PoC - Exploit Delivery via Steganography and Polyglots, CVE-2014-0282
browser-exploits charmve cve decoder encoded-images exp exploits html-png-polyglot jpeg jpg jpg-html-polyglot poc steganography stego xss-vulnerability
Last synced: 05 Mar 2025
https://github.com/mbadanoiu/cve-2024-22274
CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server
0-day authenticated cve cve-2024-22274 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/hackinghippo/log4shell_ioc_ips
log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)
cve cve-2021-44228 ioc list log4j log4shell shell4log
Last synced: 21 Nov 2024
https://github.com/jmousqueton/github-cve-monitor
Github action for monitoring CVE
cve cybersecurity github-actions python
Last synced: 10 Nov 2024
https://github.com/m3n0sd0n4ld/ucve
uCVE is a tool written in Go that extracts CVEs related to a specific software and version, producing a report in HTML format with the result and/or exporting it to the pentesting report.
cve go golang hacking-tool mitre nist report reporting vulnerabilities
Last synced: 09 Apr 2025
https://github.com/yuriisanin/CVE-2022-24342
PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication
csrf cve cve-2022-24342 exploit jetbrains teamcity vulnerability
Last synced: 10 Mar 2025
https://github.com/merrychap/poc-exploits
:unlock: Vulnerability Research and Proof of Concept exploits for various targets
cve exploit exploitation poc proof-of-concept pwn vulnerabilities vulnerability
Last synced: 15 Mar 2025
https://github.com/lucthienphong1120/aio-pentesting
All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester
all-in-one cve enumeration exploitation guide hacker hacking library methodology nmap oscp oscp-cheatsheet penetration-testing pentest pentest-tools pentesting privilege-escalation reconnaissance vulnerability
Last synced: 22 Apr 2025
https://github.com/ElNiak/PANTHER
This tool presents a novel approach to bolstering network protocol verification by integrating the Shadow network simulator with the Ivy formal verification tool to check time properties. Furthermore, it extends Ivy’s capabilities with a dedicated time module, enabling the verification of complex quantitative-time properties.
cve cybersecurity docker docker-compose formal-methods formal-verification ivy network-analysis network-security network-simulator protocol protocol-tester quic reproducible-research test-automation testing testing-tools tests time-proof transport-layer-protocol
Last synced: 18 Jan 2025
https://github.com/hrbrmstr/cisa-known-exploited-vulns
Daily archiver & triage issue creator for new releases of CISA's Known Exploited Vulnerabilities list
archiver cisa cve cvss cwe exploited in-the-wild kev triage vulnerabilities vulnerability
Last synced: 05 Mar 2025
https://github.com/lucthienphong1120/AIO-Pentesting
All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester
all-in-one cve enumeration exploitation guide hacker hacking library methodology nmap oscp oscp-cheatsheet penetration-testing pentest pentest-tools pentesting privilege-escalation reconnaissance vulnerability
Last synced: 01 Apr 2025
https://github.com/err0r-ica/whatspayloadrce
Whatsapp Automatic Payload Generator [CVE-2019-11932]
cve exploit hacking hacking-tools linux payload termux whatsapp whatsapp-chat
Last synced: 12 Apr 2025
https://github.com/Josexv1/CVE-2022-27925
Zimbra CVE-2022-27925 PoC
cve cve-2022-27925 exploit poc zimbra
Last synced: 10 Mar 2025