Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Common Vulnerabilities and Exposures (CVE)

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security

https://github.com/carlospolop/nse_winvulndetection_csv

Checks if a windows machine with the smb service actve is vulnerable to the CVEs of a CSV file passed as argument to the script

cve nse-winvulndetection-csv smb

Last synced: 28 Oct 2024

https://github.com/blackhole-consulting/olger

Olger, authomated cybersecurity analyst , check infrastructures and deploy solutions

ansible cve cve-scanning cybersecurity d3-graph d3js dot-files elasticsearch graphviz haproxy haproxy-configuration kibana nmap pdf visualizes-data

Last synced: 02 Nov 2024

https://github.com/jgamblin/cisa_enrichment

CISA Known Exploited Vulnerabilities Catalog Enrichment

cisa cisa-directives cve cwe

Last synced: 11 Nov 2024

https://github.com/Supersonic/Wallbreak

Exploit app for CVE-2021-39670 and CVE-2021-39690, two permanent denial-of-service vulnerabilities in Android's wallpaper system

android cve exploit security vrp

Last synced: 23 Oct 2024

https://github.com/Inplex-sys/CVE-2022-36804

A loader for bitbucket 2022 rce (cve-2022-36804)

bitbucket cve cve-2022-36804 exploit-db poc rce

Last synced: 23 Oct 2024

https://github.com/AmoloHT/CVE-2022-26134

「💥」CVE-2022-26134 - Confluence Pre-Auth RCE

confluence cve cve-2022-26134 exploit hacking infosec rce security

Last synced: 23 Oct 2024

https://github.com/ignis-sec/cve-details-extension

Hover over cve id's on the website to get a helpful summary.

cve infosec security

Last synced: 13 Nov 2024

https://github.com/padsalatushal/cve-2011-2523

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

cve cve-2011-2523 exploit python security vsftpd-exploit

Last synced: 14 Nov 2024

https://github.com/m4drat/CVE-2013-2028-Exploit

CVE-2013-2028 python exploit

cve exploit nginx pwn

Last synced: 23 Oct 2024

https://github.com/tin-z/Stuff_and_POCs

Containing vulnerabilities I've discovered and maybe CVE

cve vulnerability-research

Last synced: 23 Oct 2024

https://github.com/wjl110/Spring_CVE_2022_22947

Spring_CVE_2022_22947:Spring Cloud Gateway现高风险漏洞cve,poc漏洞利用,一键利用,开箱即用

cve cve-2022-22947 poc spring-cloud-gateway spring-cve-2022-22947

Last synced: 23 Oct 2024

https://github.com/plazmaz/cvestack

Scan products in your stack for known vulnerabilities

cve cve-scanning infosec nvd python security security-tools vulnerability

Last synced: 10 Nov 2024

https://github.com/jiguangsdf/cve-2018-11776

CVE-2018-11776(S2-057) EXPLOIT CODE

cve cve-2018-11776 python3 struts2

Last synced: 09 Nov 2024

https://github.com/center-for-threat-informed-defense/cwe-calculator

The CWE Calculator enables software development teams to score and prioritize discovered weaknesses empirically based on data in the National Vulnerability Database (NVD).

ctid cve cvss cwe cybersecurity threat-informed-defense

Last synced: 07 Nov 2024

https://github.com/0xsyr0/log4shell

This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.

cve cve-2021-44228 log4j log4shell

Last synced: 08 Nov 2024

https://github.com/oppsec/arbimz

🔥 Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.

2019 cve cve-2019-9670 exploit offsec pentest poc python python3 rce redteam ssrf xxe zimbra

Last synced: 08 Nov 2024

https://github.com/jgamblin/cvereview

2023 CVE Data Review

cve nvd vulnerabilities

Last synced: 11 Nov 2024

https://github.com/brannondorsey/cve

A collection of vulnerabilities found through independent security research.

cve disclosure security

Last synced: 13 Nov 2024

https://github.com/travispaul/nvd_cve

🔎 Search for CVEs against a local cached copy of NIST National Vulnerability Database (NVD)

cve nist nvd

Last synced: 05 Nov 2024

https://github.com/codedsprit/cve-2022-22965

🤯 Exploit for SpringShell.

cve exploit springshell

Last synced: 11 Nov 2024

https://github.com/mostafahussein/kubernetes-sec-alert

Track Kubernetes CVEs by native GitHub notifications!

cve devops github-actions golang k8s kubernetes security

Last synced: 23 Oct 2024

https://github.com/efchatz/bl0ck

Bl0ck: a tool to interrupt the transmission of QoS Data frames in Wi-Fi 5 and 6 networks

80211 cve dos exploit wifi wpa2 wpa3

Last synced: 30 Oct 2024

https://github.com/ajread4/nessus_crosswalk

Crosswalk Nessus findings with the CISA Known and Exploited Vulnerabilities (KEV) catalog.

cisa cve national-vulnerability-database nessus nessus-parser nvd python

Last synced: 23 Oct 2024

https://github.com/acceis/exploit-cve-2022-24780

iTop < 2.7.6 - (Authenticated) Remote command execution

cve cve-2022-24780 exploit rce ssti

Last synced: 06 Nov 2024

https://github.com/zaghaghi/neo4j-cve-scripts

Scripts for downloading and importing CVE json feeds into Neo4j

analysis cve cwe graphql neo4j security-vulnerability

Last synced: 23 Oct 2024

https://github.com/diabonas/arch-security-tracker-tools

Tools to make working with the Arch Linux Security Tracker easier

advisory archlinux cve security tracker

Last synced: 05 Nov 2024

https://github.com/Live-Hack-CVE/cve-framework

Live Hack CVE open sourced & self hosted framework. Track data in new CVE and get alerted

cve cve-scanning deno scanner self-hosted

Last synced: 23 Oct 2024

https://github.com/kuduxaaa/exploits-parser

CVE Exploits Parser from cvedetails.com [ the ultimate security vulnerability datasource ]

cve cve-details-scraper exploit parser

Last synced: 09 Nov 2024

https://github.com/kosmx/cve-2021-44228-example

vulnerability POC

cve cve-2021-44228 rce

Last synced: 14 Oct 2024

https://github.com/winnpixie/log4noshell

A Java Agent that disables Apache Log4J's JNDI Lookup to mitigate CVE-2021-44228 ("Log4Shell").

apache cve log4j patch security vulnerability

Last synced: 04 Aug 2024

https://github.com/Retr0-code/SignHere

SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.

automation build-tool builder cve cve-2017-11882 equation malicious microsoft office python3 rtf vulnerabilities

Last synced: 04 Aug 2024

https://github.com/FrankysWeb/CVE-Reporter

CVE-Reporter sends E-Mail with new detected CVE from NIST NVD Feed

cve email report

Last synced: 23 Oct 2024

https://github.com/oppsec/zaber

🕵️ Yet another CVE-2019-9670 exploit, but in Golang.

blueteam cve cve-2019-9670 exploit go golang redteam vulnerability zimbra

Last synced: 08 Nov 2024

https://github.com/mudongliang/source-packages

This repo stores source code of the vulnerable program.

cve edb linux reproduction vulnerability

Last synced: 07 Nov 2024

https://github.com/mprpic/cvelint

CLI tool to validate CVE v5 JSON records.

cve linter security

Last synced: 14 Nov 2024

https://github.com/jubnzv/cppcheck-nvd-checker

Helper scripts to verify Cppcheck bug-hunting mode on NVD CVE datasets

cppcheck cve nvd

Last synced: 17 Oct 2024

https://github.com/krishpranav/kernelexploits

Various Kernel Exploits For Linux And Windows

cve cve-exploits exploits kernel kernel-exploits

Last synced: 15 Oct 2024

https://github.com/mauricelambert/cve-2021-31166

CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.

bluescreen crash cve cve-2021-31166 denial-of-service dos exploit iis metasploit microsoft nmap payload powershell python3 ruby vulnerability webserver

Last synced: 14 Nov 2024

https://github.com/cinnqi/VulKG

Vulnerability knowledge graph construction

cve d3js knowledge-graph named-entity-recognition neo4j vulnerability

Last synced: 23 Oct 2024

https://github.com/644/avg-audit

Arch Linux Audit Tool - checks for vulnerable packages installed against security.archlinux.org

advisory arch-linux archlinux audit cve security

Last synced: 23 Oct 2024

https://github.com/jgamblin/cpedata

NVD CPE Data

cpe cve nvd vulnerabilities

Last synced: 11 Nov 2024

https://github.com/mudongliang/dockerfiles

Put all the useful Dockerfiles and related tools into this repo

cve dockerfile edb linux reproduction vulnerability

Last synced: 07 Nov 2024

https://github.com/jgamblin/CPEData

NVD CPE Data

cpe cve nvd vulnerabilities

Last synced: 04 Aug 2024

https://github.com/padsalatushal/cve-2018-16763

Fuel CMS 1.4.1 - Remote Code Execution

cve cve-2018-16763 exploit fuelcms python

Last synced: 14 Nov 2024

https://github.com/viiftw/cveapi-go

Golang client for cveapi API

cve cveapi golang-client golang-library

Last synced: 08 Nov 2024

https://github.com/mbadanoiu/cve-2023-34468

CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi

0-day authenticated cve cve-2023-34468 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/sebastian-mora/cve-2020-27358-27359

CVE-2020-27358 and CVE-2020-27359

cve cve-2020-27358 cve-2020-27359 exploit

Last synced: 23 Oct 2024

https://github.com/muchdogesec/cve2stix

A command line tool that turns NVD CVE records into STIX 2.1 Objects.

cve nvd stix2 stix2-patterns vulnerability

Last synced: 12 Nov 2024

https://github.com/postmodern/cvelist.rb

A Ruby library for parsing the CVE JSON in the cvelist git repository

cve cvelist json ruby rubygem

Last synced: 11 Oct 2024

https://github.com/acceis/exploit-cve-2022-0482

Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure

cve cve-2022-0482 disclosure exploit pii

Last synced: 06 Nov 2024

https://github.com/jamiemagee/microsoftsecurityupdates

MSRC API client for .NET

cve cvrf kb msrc

Last synced: 17 Oct 2024

https://github.com/muchdogesec/arango_cti_processor

A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.

capec cpe cve cwe mitre-attack nvd sigma-rules stix2

Last synced: 12 Nov 2024

https://github.com/mbadanoiu/CVE-2023-34212

CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi

0-day authenticated cve cve-2023-34212 cves remote-code-execution

Last synced: 23 Oct 2024

https://github.com/Acceis/exploit-CVE-2022-0482

Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure

cve cve-2022-0482 disclosure exploit pii

Last synced: 23 Oct 2024

https://github.com/mbadanoiu/cve-2023-34212

CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi

0-day authenticated cve cve-2023-34212 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/bAuh0lz/Vulnerabilities

Vulnerabilities found by me

cve vulnerability

Last synced: 23 Oct 2024

https://github.com/staturnzz/sw1tch

poc of CVE-2022-46689 written purely in swift

cve cve-2022-46689 ios swift

Last synced: 23 Oct 2024

https://github.com/circl/fedivuln

A client to gather vulnerability-related information from the Fediverse.

cve fediverse mastodon vulnerability

Last synced: 06 Nov 2024

https://github.com/GuilherveMasco/OPTIC

Online Python Tool for Internet protocol Comparisons

comparison cve internet ipv6 nvd protocol tool

Last synced: 23 Oct 2024

https://github.com/saharNooby/log4j-vulnerability-patcher-agent

Fixes CVE-2021-44228 in log4j by patching JndiLookup class

agent bytecode cve fix log4j patch

Last synced: 23 Oct 2024

https://github.com/cyberdef-milano/searchpoc

Search a PoC given a CVE id

cve poc scraping security

Last synced: 23 Oct 2024

https://github.com/xdrr/cve.js

JS client-side library for the CVE API

cve mitre mitre-corporation vulnerability

Last synced: 23 Oct 2024

https://github.com/mathis2001/wappassivescan

Passive Vulnerability Scanner working with Wappalyzer API and MITRE CVE search functionnality.

bugbounty bugbounty-tool cve mitre passive-vulnerability-scanner pentest pentest-tool pentesting pentesting-tools wappalyzer

Last synced: 11 Nov 2024

https://github.com/hackingyseguridad/CVE-2021-4034

CVE-2021-4034, exploit para escalado de privilegios en SO Linux a root

cve elevar exploit linux privilegios root vuln

Last synced: 23 Oct 2024

https://github.com/seqred-s-a/gxdlmsdirector-cve

CVE-2020-8809 and CVE-2020-8810

advisory ami cosem cve dlms security

Last synced: 23 Oct 2024

https://github.com/juanse77/active-inventory-generator

Active Inventory Report Generator for nmap scan

active-inventory automatic cve excel nmap report vulnerabilities

Last synced: 12 Nov 2024

https://github.com/kernelerr/vlc-cve-2008-4654-exploit

An EXP could run on Windows x64 against CVE-2008-4654.

cve exploit out-of-memory vlc vlc-media-player

Last synced: 12 Oct 2024

https://github.com/muchdogesec/vulmatch

Vulmatch is a database of CVEs in STIX 2.1 format with a REST API wrapper to access them.

cpe cve nvd vulnerabilities vulnerability

Last synced: 12 Nov 2024

https://github.com/ctron/cve

Mappings of the CVE JSON structures for Rust

cve rust

Last synced: 09 Nov 2024

https://github.com/saharnooby/log4j-vulnerability-patcher-agent

Fixes CVE-2021-44228 in log4j by patching JndiLookup class

agent bytecode cve fix log4j patch

Last synced: 29 Oct 2024

https://github.com/whokilleddb/cve-2019-15107

CVE-2019-15107 Webmin Exploit in C

cve exploit poc vulnerability

Last synced: 08 Nov 2024

https://github.com/muchdogesec/cxe2stix_helper

A small Python wrapper to download data using cve2stix and cpe2stix.

cpe cve nvd stix2 stix2-patterns

Last synced: 12 Nov 2024

https://github.com/postmodern/cve_schema.rb

A Ruby library providing common classes for CVE data and loading it from JSON.

cve cve-schema json ruby

Last synced: 11 Oct 2024

https://github.com/kh4sh3i/CVE-2022-26134

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)

atlassian atlassian-jira code confluence confluent-platform cve cve-2022-26134 jira payload poc rce remote

Last synced: 23 Oct 2024

https://github.com/whokilleddb/CVE-2019-15107

CVE-2019-15107 Webmin Exploit in C

cve exploit poc vulnerability

Last synced: 23 Oct 2024

https://github.com/ansibleaudit/ansibleaudit

ansibleAudit is an open source tool designed to perform automated audits of system configurations using Ansible. This tool uses playbooks to verify configurations according to security best practices. If vulnerabilities or misconfigurations are identified, ansibleAudit provides detailed recommendations and procedures to effectively remediate them.

ansible assessory audit automation benchmark cis compliance configuration-management cve cve-scanning fedora nist security security-audits system-administration ubuntu vulnerability-scanning windows

Last synced: 13 Oct 2024

https://github.com/SherlockSec/CVE-2020-0601

A Windows Crypto Exploit

cve cve-2020-0601 exploit windows

Last synced: 23 Oct 2024

https://github.com/swapravo/cvesploit

Find SearchSploit exploits by CVE-IDs / dpkg status file

cve exploits searchsploit

Last synced: 23 Oct 2024

https://github.com/whokilleddb/CVE-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 23 Oct 2024