Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Common Vulnerabilities and Exposures (CVE)
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security
- GitHub: https://github.com/topics/cve
- Wikipedia: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
- Last updated: 2024-11-14 00:06:14 UTC
- JSON Representation
https://github.com/mbadanoiu/cve-2021-42558
CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera
0-day cross-site-scripting cve cve-2021-42558 cves
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46362
CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS
0-day cve cve-2021-46362 cves server-side-template-injection unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46366
CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS
0-day csrf cve cve-2021-46366 cves open-redirect
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46363
CVE-2021-46363: Formula Injection in Magnolia CMS
0-day authenticated csv-injection cve cve-2021-46363 cves
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8254
CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client
0-day cve cve-2020-8254 cves remote-code-execution user-interaction zip-slip
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-20253
CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower
0-day cve cve-2021-20253 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-40634
CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS
0-day authenticated bypass cve cve-2020-25803 cve-2022-40634 cves remote-code-execution server-side-template-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-34693
CVE-2024-34693: Server Arbitrary File Read in Apache Superset
0-day arbitrary-file-read cve cve-2024-34693 cves
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-12641
CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail
0-day cve cve-2020-12641 cves remote-code-execution unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-9849
CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice
0-day bypass cve cve-2019-9849 cves server-side-request-forgery
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-37081
CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server
0-day authenticated cve cve-2024-37081 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-22274
CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server
0-day authenticated cve cve-2024-22274 cves remote-code-execution
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2024-22275
CVE-2024-22275: Partial File Read in VMware vCenter Server
0-day authenticated cve cve-2024-22275 cves file-read
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-51518
CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James
0-day cve cve-2023-51518 cves deserialization local-privilege-escalation pre-authentication
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-42562
CVE-2021-42562: Improper Access Control in MITRE Caldera
0-day authenticated cve cve-2021-42562 cves insecure-direct-object-reference
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-42561
CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera
0-day authenticated cve cve-2021-42561 cves remote-code-execution
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-13965
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-10092
CVE-2019-10092: Limited Cross-Site Scripting via "Proxy Error" Page in Apache HTTP Server
0-day cve cve-2019-10092 cves open-redirect user-interaction
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-12640
CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail
0-day cve cve-2020-12640 cves local-file-inclusion path-traversal
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-12625
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-12625 cves unauthenticated
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-14678
CVE-2019-14678: XML External Entity in SAS XML Mapper
0-day cve cve-2019-14678 cves xxe
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46361
CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS
0-day authenticated bypass cve cve-2021-46361 cves remote-code-execution
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46365
CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS
0-day authenticated cve cve-2021-46365 cves xxe
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-20818
CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN
0-day cve cve-2022-20818 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-24442
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
0-day authenticated bypass cve cve-2021-25770 cve-2022-24442 cves remote-code-execution server-side-template-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2019-1332
CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services
0-day cross-site-scripting cve cve-2019-1332 cves reflected-xss
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-29063
CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz
0-day cve cve-2022-29063 cves deserialization local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2021-46364
CVE-2021-46364: YAML Deserialization in Magnolia CMS
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-49964
CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco
0-day authenticated bypass cve cve-2020-12873 cve-2023-49964 cves remote-code-execution server-side-template-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2022-25813
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
0-day cve cve-2022-25813 cves remote-code-execution server-side-template-injection user-interaction
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8248
CVE-2020-8248: Privilege Escalation via Zip Wildcard Exploit in Pulse Secure VPN Linux Client
0-day cve cve-2020-8248 cves local-privilege-escalation wildcard-injection
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8249
CVE-2020-8249: Buffer Overflow in Pulse Secure VPN Linux Client
0-day buffer-overflow cve cve-2020-8249 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2020-8250
CVE-2020-8250: Privilege Escalation via Command Injection in Pulse Secure VPN Linux Client
0-day command-injection cve cve-2020-8250 cves local-privilege-escalation
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-40037
CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi
Last synced: 13 Nov 2024
https://github.com/mbadanoiu/cve-2023-26269
CVE-2023-26269: Misconfigured JMX in Apache James
Last synced: 13 Nov 2024
https://github.com/mauricelambert/exchangeweaknesstest
This script test the CVE-2021-26855 vulnerability on Exchange Server.
cve exchange microsoft python3 security security-tools
Last synced: 14 Nov 2024
https://github.com/mauricelambert/cve-2021-21985
This script check the CVE-2021-21985 vulnerability and patch on vCenter Server.
cve cve-2021-21985 python3 security security-scan vcenter
Last synced: 14 Nov 2024
https://github.com/vincentscode/cve-2024-34313
☣️ This repository contains the description and a proof of concept for CVE-2024-34313
Last synced: 13 Nov 2024
https://github.com/vincentscode/cve-2024-34312
☣️ This repository contains the description and a proof of concept for CVE-2024-34312
Last synced: 13 Nov 2024
https://github.com/lem0nsec/cve-2010-5301
A proof of concept of an SEH overflow with arbitrary dll injection
cve exploit-development windows
Last synced: 15 Nov 2024
https://github.com/madret/vuln_checker
Search for vulnerabilites in software or hardware and grab actionable CVE information.
advisories cve cve-search cve-searchsploit cves cves-finder database exploit exploits hardware known nist nvd poc powershell software vulnerabilities vulnerability vulnerability-research vulnerable
Last synced: 15 Nov 2024
https://github.com/friends-of-presta/security-contact
cve prestashop prestashop-module security
Last synced: 13 Oct 2024
