Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Common Vulnerabilities and Exposures (CVE)
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United Statesβ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security
- GitHub: https://github.com/topics/cve
- Wikipedia: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
- Last updated: 2024-11-14 00:06:14 UTC
- JSON Representation
https://github.com/raul23/equifax-data-breach
Researching the 2017 Equifax data breach. Saving important notes about this infamous case.
apache attribution cve data-breach equifax java network-intrusion notes vulnerability
Last synced: 14 Nov 2024
https://github.com/password123456/nvd-cve-database
The Common Vulnerabilities Exposures (CVE) Database
cve nvd vulnerability-databases vulnerability-identification
Last synced: 08 Nov 2024
https://github.com/momenbasel/naggets
old CTF I've made sharing it publicly.
ctf ctf-challenges ctf-platform ctf-playground cve exploit nagios
Last synced: 15 Nov 2024
https://github.com/SherlockSec/CVE-2020-0601
A Windows Crypto Exploit
cve cve-2020-0601 exploit windows
Last synced: 23 Oct 2024
https://github.com/SpamixOfficial/CVE-2023-38831
CVE-2023-38831 Proof-of-concept code
cve cve-2023-38831 poc proof-of-concept rust
Last synced: 23 Oct 2024
https://github.com/l0nax/CVE-2019-15053
(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053
cve cve-2019-15053 exploit poc proof-of-concept vulnerability
Last synced: 23 Oct 2024
https://github.com/Fadavvi/CVE-2018-17431-PoC
Proof of consept for CVE-2018-17431
comodo cve cve-2018-17431 exploit poc proof-of-concept rce remote-code-execution
Last synced: 23 Oct 2024
https://github.com/michaelpgalen/CVE-DataVis-Prototype-JS
A vanilla javascript prototype for a React data visualization project.
cve data-visualization vanilla-javascript vanilla-js
Last synced: 23 Oct 2024
https://github.com/whokilleddb/cve-2019-17662
Exploit for CVE-2019-17662 (ThinVNC 1.0b1)
cve cve-2019-17662 exploit poc thinvnc
Last synced: 08 Nov 2024
https://github.com/brayanhenao/cve-notifications-app
It is an application that monitors new CVEs that are announced for the dependencies that are being tracked and notify them via Slack Webhook message to a specific channel.
Last synced: 08 Nov 2024
https://github.com/richlamdev/dependabot-slack
Github Dependabot Alert Scraper with Send to Slack Channel Option, Software Composition Analysis, Vulnerabilty Management, Patching, Supply Chain Security
api cve cvss cvss3 dependabot github patching python rest-api sca scaper supplychain vulnerability-management
Last synced: 23 Oct 2024
https://github.com/muchdogesec/cpe2stix
A command line tool that turns NVD CPE records into STIX 2.1 Objects.
Last synced: 12 Nov 2024
https://github.com/muchdogesec/cti_knowledge_base_store
A repository that stores CTI Knowledge-bases in versioned STIX 2.1 Bundles.
cpe cve disarm mitre-attack mitre-capec mitre-cwe nvd sigma-rules stix2 stix2-extensions yara yara-rules
Last synced: 12 Nov 2024
https://github.com/whokilleddb/CVE-2019-17662
Exploit for CVE-2019-17662 (ThinVNC 1.0b1)
cve cve-2019-17662 exploit poc thinvnc
Last synced: 23 Oct 2024
https://github.com/sa7mon/vulnchest
A collection of vulnerable applications for research purposes
Last synced: 12 Nov 2024
https://github.com/travispaul/node-nvd-search
(Unofficial) node module to fetch, cache, and perform offline search of the NIST National Vulnerability Database.
Last synced: 05 Nov 2024
https://github.com/sneezry/vscode-cve
Show security alert for vulnerable dependencies of Node projects
audit cve nodejs vscode-extension
Last synced: 17 Oct 2024
https://github.com/GeorgiiFirsov/CVE-2020-1034
CVE 2020-1034 exploit and presentation
cve cve-2020-1034 education exploit research vulnerability winapi windows
Last synced: 23 Oct 2024
https://github.com/Sneezry/vscode-cve
Show security alert for vulnerable dependencies of Node projects
audit cve nodejs vscode-extension
Last synced: 23 Oct 2024
https://github.com/ariary/CVE-2021-25741
πͺ Instant shell on kubernetes node with CVE-2021-25741 exploit adaptation
cve hostpath infosec k8s-security kubernetes poc
Last synced: 23 Oct 2024
https://github.com/ppxl/harbor-cve-finder
Comfortably find CVEs in your Harbor container image registry
container cve harbor-registry registry
Last synced: 13 Oct 2024
https://github.com/mauricelambert/cve-2021-41773
These Metasploit, Nmap, Python and Ruby scripts detects and exploits CVE-2021-41773 with RCE and local file disclosure.
cve cve-2021-41773 detection exploit metasploit nmap python3 rce ruby scanner vulnerability
Last synced: 14 Nov 2024
https://github.com/codeb0ss/webshell_executor
Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.
0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet
Last synced: 13 Nov 2024
https://github.com/mauricelambert/cve-2021-42013
These Nmap, Python and Ruby scripts detects and exploits CVE-2021-42013 with RCE and local file disclosure.
cve cve-2021-42013 detection exploit metasploit nmap python3 rce ruby scanner vulnerability
Last synced: 14 Nov 2024
https://github.com/shadawck/scabi
Implement vulnerabilities scanning on top of package management system like apt, pip, composer...
cve dependencies mitre ossindex package-manager python scanner security security-audit security-tools vulnerability
Last synced: 15 Nov 2024
https://github.com/swapravo/cvesploit
Find SearchSploit exploits by CVE-IDs / dpkg status file
Last synced: 23 Oct 2024
https://github.com/peiwithhao/hacker-university-of-peiwithhao
peiwithhao's learning journey in network/system security
archlinux course cve fuzzing linux-kernel linux-kernel-module university
Last synced: 12 Oct 2024
https://github.com/jmousqueton/cti-teams-notification
Teams Notification on closed PR
cti cve cybersecurity github-actions msteams python python3 ransomware teams webhook
Last synced: 10 Nov 2024
https://github.com/spamixofficial/cve-2023-38831
CVE-2023-38831 Proof-of-concept code
cve cve-2023-38831 poc proof-of-concept rust
Last synced: 06 Nov 2024
https://github.com/s9ra16bf4/exploits
Proof-of-concept for known security issues
cve cve-2019-13623 exploit exploits ghidra golang
Last synced: 08 Nov 2024
https://github.com/mbadanoiu/cve-2020-8254
CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client
0-day cve cve-2020-8254 cves remote-code-execution user-interaction zip-slip
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-20253
CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower
0-day cve cve-2021-20253 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-40634
CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS
0-day authenticated bypass cve cve-2020-25803 cve-2022-40634 cves remote-code-execution server-side-template-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-34693
CVE-2024-34693: Server Arbitrary File Read in Apache Superset
0-day arbitrary-file-read cve cve-2024-34693 cves
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-12641
CVE-2020-12641: Command Injection via β_im_convert_pathβ Parameter in Roundcube Webmail
0-day cve cve-2020-12641 cves remote-code-execution unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-9849
CVE-2019-9849: Remote bullet graphics retrieved in βstealth modeβ in LibreOffice
0-day bypass cve cve-2019-9849 cves server-side-request-forgery
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-37081
CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server
0-day authenticated cve cve-2024-37081 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-22274
CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server
0-day authenticated cve cve-2024-22274 cves remote-code-execution
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-22275
CVE-2024-22275: Partial File Read in VMware vCenter Server
0-day authenticated cve cve-2024-22275 cves file-read
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-51518
CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James
0-day cve cve-2023-51518 cves deserialization local-privilege-escalation pre-authentication
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-42562
CVE-2021-42562: Improper Access Control in MITRE Caldera
0-day authenticated cve cve-2021-42562 cves insecure-direct-object-reference
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-42561
CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera
0-day authenticated cve cve-2021-42561 cves remote-code-execution
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-13965
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-10092
CVE-2019-10092: Limited Cross-Site Scripting via "Proxy Error" Page in Apache HTTP Server
0-day cve cve-2019-10092 cves open-redirect user-interaction
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-12640
CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail
0-day cve cve-2020-12640 cves local-file-inclusion path-traversal
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-12625
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-12625 cves unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-14678
CVE-2019-14678: XML External Entity in SAS XML Mapper
0-day cve cve-2019-14678 cves xxe
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46361
CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS
0-day authenticated bypass cve cve-2021-46361 cves remote-code-execution
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46365
CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS
0-day authenticated cve cve-2021-46365 cves xxe
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-20818
CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN
0-day cve cve-2022-20818 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-24442
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
0-day authenticated bypass cve cve-2021-25770 cve-2022-24442 cves remote-code-execution server-side-template-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-1332
CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services
0-day cross-site-scripting cve cve-2019-1332 cves reflected-xss
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-29063
CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz
0-day cve cve-2022-29063 cves deserialization local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46364
CVE-2021-46364: YAML Deserialization in Magnolia CMS
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-49964
CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco
0-day authenticated bypass cve cve-2020-12873 cve-2023-49964 cves remote-code-execution server-side-template-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-25813
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
0-day cve cve-2022-25813 cves remote-code-execution server-side-template-injection user-interaction
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8248
CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client
0-day cve cve-2020-8248 cves local-privilege-escalation wildcard-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8249
CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client
0-day buffer-overflow cve cve-2020-8249 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8250
CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client
0-day command-injection cve cve-2020-8250 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/codexlynx/cve-2019-25024
Full exploit code for CVE-2019-25024 an unauthenticated command injection flaw in OpenRepeater.
cve cve-2019-25024 exploit mitre openrepeater vulnerability
Last synced: 10 Nov 2024
https://github.com/mbadanoiu/cve-2023-40037
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-26269
CVE-2023-26269: Misconfigured JMX in Apache James
Last synced: 13 Nov 2024
https://github.com/mauricelambert/exchangeweaknesstest
This script test the CVE-2021-26855 vulnerability on Exchange Server.
cve exchange microsoft python3 security security-tools
Last synced: 14 Nov 2024
https://github.com/mauricelambert/cve-2021-21985
This script check the CVE-2021-21985 vulnerability and patch on vCenter Server.
cve cve-2021-21985 python3 security security-scan vcenter
Last synced: 14 Nov 2024
https://github.com/codeb0ss/CVE-2023-20073-
Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]
0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router
Last synced: 23 Oct 2024
https://github.com/codeb0ss/CVE-2023-3836
0day bugbounty codeb0ss codeboss cve cve-2023-3836 exploit exploiter hackerone uncodeboss webshell
Last synced: 23 Oct 2024
https://github.com/vincentscode/cve-2024-34313
β£οΈ This repository contains the description and a proof of concept for CVE-2024-34313
Last synced: 13 Nov 2024
https://github.com/vincentscode/cve-2024-34312
β£οΈ This repository contains the description and a proof of concept for CVE-2024-34312
Last synced: 13 Nov 2024
https://github.com/lem0nsec/cve-2010-5301
A proof of concept of an SEH overflow with arbitrary dll injection
cve exploit-development windows
Last synced: 15 Nov 2024
https://github.com/athiththan11/wso2-cve-extractor
CLI Tool to extract the related WSO2 Security Advisory information of CVE
Last synced: 08 Nov 2024
https://github.com/madret/vuln_checker
Search for vulnerabilites in software or hardware and grab actionable CVE information.
advisories cve cve-search cve-searchsploit cves cves-finder database exploit exploits hardware known nist nvd poc powershell software vulnerabilities vulnerability vulnerability-research vulnerable
Last synced: 15 Nov 2024
https://github.com/password123456/analyzed-cvelist
New CVEs requiring verification and analysis, Everyday
cve cve-advisory cve-alert cve-finding cve-list cve-scanning cve-search
Last synced: 08 Nov 2024
https://github.com/codexlynx/CVE-2019-25024
Full exploit code for CVE-2019-25024 an unauthenticated command injection flaw in OpenRepeater.
cve cve-2019-25024 exploit mitre openrepeater vulnerability
Last synced: 23 Oct 2024
https://github.com/mbadanoiu/CVE-2023-26269
CVE-2023-26269: Misconfigured JMX in Apache James
Last synced: 23 Oct 2024
https://github.com/extra2000/markakd-CVE-2022-2588
Exploit for CVE-2022-2588 by [Markakd](https://github.com/Markakd)
Last synced: 23 Oct 2024
https://github.com/mbadanoiu/CVE-2023-40037
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
Last synced: 23 Oct 2024
https://github.com/codeb0ss/CVE-2024-25735-PoC
CVE-2024-25735 - WyreStorm Apollo VX20 - Information Disclosure
codeb0ss cve cve-2024 cve-2024-25753 cve-2024-25753-exp cve-2024-25753-poc exploit exploits uncodeboss vulnerability
Last synced: 23 Oct 2024
https://github.com/msantos/cvecat
Command line utility to format and write CVE data to stdout
Last synced: 02 Nov 2024
https://github.com/anthonyharrison/CVSS
Utilities for manipulating CVSS vulnerability metric
cve cvss cvssv3 metrics security vulnerability-assessment
Last synced: 23 Oct 2024
https://github.com/7etsuo/diskpulse-exploit
SEH Overflow for DiskPulse Enterprise v10.0.12 Web Server
buffer-overflow buffer-overflow-attack cve exploit-development exploits hacking sehbasedbufferoverflow
Last synced: 07 Nov 2024
https://github.com/steake/cve-tracker
Track latest CVE PoCs on Github and Gitlab.
cve cve-tracker cve-tracking exploit github gitlab tracker
Last synced: 30 Oct 2024
https://github.com/maxgestic/Follina-Generator
A simple Follina RTF and DOCX generator
cve cve-2022-30190 docx exploit follina office poc rce rtf vulnerability windows windows-10 windows-11 word
Last synced: 23 Oct 2024
https://github.com/cty12/concurrency-exploits
A collection of concurrency bugs & exploits
Last synced: 23 Oct 2024
https://github.com/gsmith257-cyber/BIT3434CVE
BI T3434 Project on data mining CVEs and Exploits
cve data data-mining exploits research-project
Last synced: 23 Oct 2024
https://github.com/lynk4/cve-2011-2523
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
cve cve-2011-2523 exploit python vsftpd-exploit
Last synced: 08 Nov 2024
https://github.com/lynk4/windows-server-2008-vapt
A VAPT Report on Microsoft Windows Server 2008 Enterprise Service Pack 1.........
cve cve-2017-0144 eternal eternalblue etneralblue-ms17-010-remote-code-execution exploit ms17-010 penetration-testing vapt vapt-report vulnerability-assessment windows windows-enterprise windows-server windows-server-2008 windows-server-2008-enterprise
Last synced: 08 Nov 2024
https://github.com/mbadanoiu/CVE-2021-46364
CVE-2021-46364: YAML Deserialization in Magnolia CMS
Last synced: 23 Oct 2024
https://github.com/acceis/exploit-cve-2023-38490
Kirby < 3.9.6 XML External Entity exploit
cve cve-2023-38490 exploit kirby kirby-cms xxe
Last synced: 06 Nov 2024
https://github.com/Yashodhanvivek/Firebolt-wristphone-vulnerability
This repository is for Firebolt wristphone vulnerability for CVE ID CVE-2024-30656 suggested by MITRE. Mitre yet to confirm on ID
cve firebolt vulnerability wifi-deauth wifi-deauther wifi-hacking wifi-security wristphone
Last synced: 23 Oct 2024
https://github.com/andreyrusyaev/secreports
Security research reports
asp-net cve cve-2005-0452 owasp security vulnerability xss
Last synced: 08 Nov 2024
