Common Vulnerabilities and Exposures (CVE)
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security
- GitHub: https://github.com/topics/cve
- Wikipedia: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
- Last updated: 2025-05-04 00:06:47 UTC
- JSON Representation
https://github.com/0x00-0x00/cve-2016-10033
PHPMailer < 5.2.18 Remote Code Execution Exploit
2016-10033 cve exploit php phpmailer
Last synced: 22 Nov 2024
https://github.com/swagkarna/bsod-windows-10-proof-of-concept-
A bug in Windows 10 causes the operating system to crash with a Blue Screen of Death simply by opening a certain path in a browser's address bar or using other Windows commands
bsod-windows10 bug crash cve hacking poc proof-of-concept windows10
Last synced: 12 Apr 2025
https://github.com/hansmach1ne/myexploits
Repo for discovered zero day vulnerabilities/exploits
bug-hunting cve exploit vulnerability
Last synced: 21 Nov 2024
https://github.com/lucabarile/toctou
Exploiting TOCTOU vulnerability using OpLock and Junctions
cve elevation-of-privilege eop exploit junction local-privilege-escalation lpe oplock opportunistic-lock poc pop-a-shell proof-of-concept race-conditions symbolic-link symlink toctou vulnerability
Last synced: 15 Apr 2025
https://github.com/mprpic/cvelint
CLI tool to validate CVE v5 JSON records.
Last synced: 12 Apr 2025
https://github.com/mostafahussein/kubernetes-sec-alert
Track Kubernetes CVEs by native GitHub notifications!
cve devops github-actions golang k8s kubernetes security
Last synced: 10 Mar 2025
https://github.com/sircryptic/poc
Proof-of-Concept Exploits Based On Known CVE's
cve cybersecurity educational proof-of-concept security
Last synced: 14 Apr 2025
https://github.com/ajread4/nessus_crosswalk
Crosswalk Nessus findings with the CISA Known and Exploited Vulnerabilities (KEV) catalog.
cisa cve national-vulnerability-database nessus nessus-parser nvd python
Last synced: 10 Mar 2025
https://github.com/criminalip/CIP-NSE-Script
The NSE Script plugin integrates with Criminal IP CTI search engine for network scanning, showing IP details like WHOIS, running products, versions, CVEs, etc.
criminalip-api cve cyberthreatintelligence ip portscan
Last synced: 17 Nov 2024
https://github.com/mr-xn/cve-2024-36991
Path Traversal On The "/Modules/Messaging/" Endpoint In Splunk Enterprise On Windows
cve cve-2024 cve-2024-36991 path-traversal splunk
Last synced: 22 Mar 2025
https://github.com/paulveillard/cybersecurity-applied-cryptography
A collection of awesome software, learning tutorials, theoretical resources, books and videos, best practices in applied cryptography.
applied-computer-science applied-cryptography applied-machine-learning applied-science crypocurrency crypography crypto cryptocurrency-exchanges cryptography crytopcurrency-portfolio cve cvn cybersecurity cybersecurity-incidents security-tools
Last synced: 28 Mar 2025
https://github.com/typicalmodmaker/cve-2024-4956
Proof-Of-Concept (POC) for CVE-2024-4956
cve cve-2024-4956 exploit poc proof-of-concept proofofconcept vulnerability
Last synced: 10 Apr 2025
https://github.com/winnpixie/log4noshell
A Java Agent that disables Apache Log4J's JNDI Lookup to mitigate CVE-2021-44228 ("Log4Shell").
apache cve log4j patch security vulnerability
Last synced: 21 Nov 2024
https://github.com/kuduxaaa/exploits-parser
CVE Exploits Parser from cvedetails.com [ the ultimate security vulnerability datasource ]
cve cve-details-scraper exploit parser
Last synced: 30 Apr 2025
https://github.com/Live-Hack-CVE/cve-framework
Live Hack CVE open sourced & self hosted framework. Track data in new CVE and get alerted
cve cve-scanning deno scanner self-hosted
Last synced: 10 Mar 2025
https://github.com/acceis/exploit-cve-2022-24780
iTop < 2.7.6 - (Authenticated) Remote command execution
cve cve-2022-24780 exploit rce ssti
Last synced: 08 Apr 2025
https://github.com/geniuszly/cve-2022-46080
it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.
buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research
Last synced: 11 Apr 2025
https://github.com/jul10l1r4/identificador-cve-2018-11759
This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer
apache2 cve cve-2018-11759 load-balancer module protection safe security security-testing
Last synced: 19 Nov 2024
https://github.com/FrankysWeb/CVE-Reporter
CVE-Reporter sends E-Mail with new detected CVE from NIST NVD Feed
Last synced: 10 Mar 2025
https://github.com/Retr0-code/SignHere
SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.
automation build-tool builder cve cve-2017-11882 equation malicious microsoft office python3 rtf vulnerabilities
Last synced: 21 Nov 2024
https://github.com/mauricelambert/cve-2021-31166
CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.
bluescreen crash cve cve-2021-31166 denial-of-service dos exploit iis metasploit microsoft nmap payload powershell python3 ruby vulnerability webserver
Last synced: 11 Apr 2025
https://github.com/geniuszly/genbluestacksinjector
BlueStacksInjector is a Python script designed to automate the injection of a payload into the startup directories of user profiles within a shared directory environment, such as BlueStacks.
android-emulator automation bluestacks cve cve-2024-33352 cybersecurity ethical-hacking genbluestacksinjector injector memory-injection penetration-testing process-injection python reverse-engineering security-tools vuln
Last synced: 04 Mar 2025
https://github.com/phx/cvescan
Easily scan for CVEs using nmap.
automation cve nmap portscanning shell shellscript
Last synced: 01 Dec 2024
https://github.com/lucabarile/dll-hijacking
DLL Hijacking using DLL Proxying technique
cve dll-hijacking dll-proxying elevation-of-privilege exploit exported-functions hijacking local-privilege-escalation mingw-w64 poc pop-a-shell privilege-escalation proof-of-concept vulnerability windows-privilege-escalation
Last synced: 20 Feb 2025
https://github.com/padsalatushal/cve-2018-16763
Fuel CMS 1.4.1 - Remote Code Execution
cve cve-2018-16763 exploit fuelcms python
Last synced: 14 Jan 2025
https://github.com/alexandre-bartel/cve-2018-20343
PoC for CVE-2018-20343
build-engine cve exploit vulnerability
Last synced: 01 Dec 2024
https://github.com/jonhadfield/aws-inspector-reporter
an app to report AWS Inspector findings
aws aws-inspector cis cve go inspector lambda report
Last synced: 23 Nov 2024
https://github.com/mbadanoiu/cve-2023-49964
CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco
0-day authenticated bypass cve cve-2020-12873 cve-2023-49964 cves remote-code-execution server-side-template-injection
Last synced: 01 Mar 2025
https://github.com/krishpranav/kernelexploits
Various Kernel Exploits For Linux And Windows
cve cve-exploits exploits kernel kernel-exploits
Last synced: 15 Apr 2025
https://github.com/geniuszly/cve-2022-44149
it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.
cve cve-2022-44149 cybersecurity ethical-hacking exploit exploit-development linux payload penetration-testing poc privilege-escalation security vulnerability vulnerability-research
Last synced: 11 Apr 2025
https://github.com/geniuszly/cve-2022-45701
it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.
arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research
Last synced: 11 Apr 2025
https://github.com/sebastian-mora/cve-2020-27358-27359
CVE-2020-27358 and CVE-2020-27359
cve cve-2020-27358 cve-2020-27359 exploit
Last synced: 10 Mar 2025
https://github.com/nhas/cve-2024-45337-poc
Proof of concept (POC) for CVE-2024-45337
cve cve-2024-45337 exploit golang hack pentesting poc proof-of-concept ssh
Last synced: 09 Apr 2025
https://github.com/atao/shodan2db
🔌 Shodan export to SQLite database and generate an HTML report.
analysis converter cve export osint python-class python3 report reporting security shodan shodan-python sqlite vulnerability
Last synced: 11 Apr 2025
https://github.com/cinnqi/VulKG
Vulnerability knowledge graph construction
cve d3js knowledge-graph named-entity-recognition neo4j vulnerability
Last synced: 10 Mar 2025
https://github.com/muchdogesec/cxe2stix_helper
[ARCHIVED -- USE CVE2STIX] A small Python wrapper to download data using cve2stix and cpe2stix.
cpe cve nvd stix2 stix2-patterns
Last synced: 02 May 2025
https://github.com/644/avg-audit
Arch Linux Audit Tool - checks for vulnerable packages installed against security.archlinux.org
advisory arch-linux archlinux audit cve security
Last synced: 10 Mar 2025
https://github.com/nodiscc/netdata-debsecan
[mirror] Check/graph the number of CVEs in currently installed packages - netdata plugin
Last synced: 19 Nov 2024
https://github.com/jubnzv/cppcheck-nvd-checker
Helper scripts to verify Cppcheck bug-hunting mode on NVD CVE datasets
Last synced: 16 Apr 2025
https://github.com/nisaruj/nosqli-flintcms
Blind noSQL injection case study lab based on CVE-2018-3783
Last synced: 08 Apr 2025
https://github.com/mudongliang/dockerfiles
Put all the useful Dockerfiles and related tools into this repo
cve dockerfile edb linux reproduction vulnerability
Last synced: 18 Feb 2025
https://github.com/0xrar/cve-2021-29447-poc
A proof of concept exploit for a wordpress 5.6 media library vulnerability
cve cve-2021-29447 exploit-development python3 websecurity wordpress
Last synced: 14 Dec 2024
https://github.com/mbadanoiu/cve-2023-34468
CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi
0-day authenticated cve cve-2023-34468 cves remote-code-execution
Last synced: 01 Mar 2025
https://github.com/helidem/cve-2025-24054-poc
Proof of Concept for the NTLM Hash Leak via .library-ms CVE-2025-24054
cve cve-2025-24054 cve-2025-24071 exploit library-ms ntlm ntlm-hash phishing poc windows
Last synced: 25 Apr 2025
https://github.com/000pp/zaber
🕵️ Yet another CVE-2019-9670 exploit, but in Golang.
blueteam cve cve-2019-9670 exploit go golang redteam vulnerability zimbra
Last synced: 24 Apr 2025
https://github.com/4m3rr0r/cve-2011-2523-poc
Python exploit for CVE-2011-2523 (VSFTPD 2.3.4 Backdoor Command Execution)
cve cve-2011-2523 exploit python security vsftpd-exploit
Last synced: 19 Apr 2025
https://github.com/Acceis/exploit-CVE-2022-0482
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure
cve cve-2022-0482 disclosure exploit pii
Last synced: 10 Mar 2025
https://github.com/codeb0ss/webshell_executor
Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.
0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet
Last synced: 12 Jan 2025
https://github.com/stackoverflowexcept1on/cve-2021-36393
Error-based blind SQL injection with bit-shifting approach for Moodle 3.10.4
cve moodle sql-injection vulnerability
Last synced: 11 Jan 2025
https://github.com/infosecredd/cve-discord-notify
CVE Notifier is an automated monitoring tool designed to keep you informed about the latest Common Vulnerabilities and Exposures (CVEs). It continuously scans for new CVEs, evaluates their severity based on CVSS scores, and sends notifications to your Discord channels.
cve cve-scanning discord github-actions webhook
Last synced: 14 Apr 2025
https://github.com/mykhis/discord-image-logger-stealer
Ephemeral discourse is embodied by the likes of Messenger Sessions, the digital portraits of Accounts, and the enigmatic Token
cve cve-2021-44228 cve-scanning exploit exploit-code exploit-database exploit-development exploit-exercises exploit-kit exploitation exploitation-framework slient-doc-exploit slient-exploit slient-exploit-builder slient-hta-exploit slient-jpg-exploit slient-pdf-exploit slient-png-exploit slient-url-exploit
Last synced: 28 Jan 2025
https://github.com/jamiemagee/microsoftsecurityupdates
MSRC API client for .NET
Last synced: 19 Apr 2025
https://github.com/codeb0ss/cve-2023-27034-exploit
Mass Exploit - CVE-2023-27034
2023-poc codeb0ss codeboss codeboss-team cve cve-2023 cve-2023-27034 cve-2023-27034-exp cve-2023-27034-exploit cve-2023-27034-poc cve-poc cves hackerone prestashop
Last synced: 06 Apr 2025
https://github.com/aress31/cve-2017-12945
Exploit for CVE-2017-12945.
cve cve-2017-12945 mersive os-command-injection remote-shell solstice solstice-pod
Last synced: 22 Mar 2025
https://github.com/ppxl/harbor-cve-finder
Comfortably find CVEs in your Harbor container image registry
container cve harbor-registry registry
Last synced: 16 Mar 2025
https://github.com/mbadanoiu/cve-2023-34212
CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
0-day authenticated cve cve-2023-34212 cves deserialization remote-code-execution
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/CVE-2023-34212
CVE-2023-34212: Java Deserialization via JNDI Components in Apache NiFi
0-day authenticated cve cve-2023-34212 cves remote-code-execution
Last synced: 10 Mar 2025
https://github.com/kulkansecurity/mindthegap
A Python-based tool specifically designed for users to identify the "patch gap" in their Ubuntu release - the delay between the disclosure of a vulnerability and the patch release. By querying Ubuntu's CVE system, it provides a clearer picture of the current security standing of different Ubuntu versions.
Last synced: 14 Mar 2025
https://github.com/viiftw/cveapi-go
Golang client for cveapi API
cve cveapi golang-client golang-library
Last synced: 06 Mar 2025
https://github.com/vuldb/vuldb-api-php-examples
VulDB PHP scripts to fetch data via API
api api-client cve nvd php vulnerabilities vulnerability vulnerability-analysis vulnerability-database-entry vulnerability-databases vulnerability-identification vulnerability-management
Last synced: 26 Jan 2025
https://github.com/codeb0ss/cve-2023-20073-
Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]
0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router
Last synced: 01 Mar 2025
https://github.com/mathis2001/wappassivescan
Passive Vulnerability Scanner working with Wappalyzer API and MITRE CVE search functionnality.
bugbounty bugbounty-tool cve mitre passive-vulnerability-scanner pentest pentest-tool pentesting pentesting-tools wappalyzer
Last synced: 26 Feb 2025
https://github.com/acceis/exploit-cve-2022-0482
Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure
cve cve-2022-0482 disclosure exploit pii
Last synced: 08 Apr 2025
https://github.com/thoth-station/cve-update-job
Update Thoth's database of CVEs
application-stack artificial-intelligence cve hacktoberfest secure thoth
Last synced: 10 Apr 2025
https://github.com/thoth-station/thoth-pre-commit-hook
Thoth adviser pre-commit hooks.
Last synced: 10 Apr 2025
https://github.com/hunthubspace/exploit-tracker
A script designed to automatically discover new exploits and save results to a file or integrate with your Discord server. Also search for exploits related to specific CVEs of your choice.
bugbounty cve ethical-hacking exploit penetration-testing-tools web
Last synced: 31 Jan 2025
https://github.com/staturnzz/sw1tch
poc of CVE-2022-46689 written purely in swift
Last synced: 10 Mar 2025
https://github.com/codeb0ss/cve-2024-20353-poc
Mass Exploit - CVE-2024-20353 [Cisco] < Unauthenticated < Denial Of Service
cisco cisco-cve cisco-exp cisco-ios cisco-vuln codeb0ss cve cve-2024 cve-2024-20353 cve-2024-20353-exp cve-2024-20353-poc uncodeboss
Last synced: 12 Jan 2025
https://github.com/usdtc/jpg-png-exploit-slient-builder-exploit-database-cve-2023-malware
In the hushed galleries of the Silent JPG Exploit, a symphony shrouded in enigma unfurls—an opus named silent-jpg-exploit-2018—a title that reverberates through the annals of intrigue.
cve cve-2021-44228 cve-scanning exploit exploit-code exploit-database exploit-development exploit-exercises exploit-kit exploitation exploitation-framework slient-doc-exploit slient-exploit slient-exploit-builder slient-hta-exploit slient-jpg-exploit slient-pdf-exploit slient-png-exploit slient-url-exploit
Last synced: 21 Mar 2025
https://github.com/juanse77/active-inventory-generator
Active Inventory Report Generator for nmap scan
active-inventory automatic cve excel nmap report vulnerabilities
Last synced: 01 Mar 2025
https://github.com/codeb0ss/cve-2023-3836
0day bugbounty codeb0ss codeboss cve cve-2023-3836 exploit exploiter hackerone uncodeboss webshell
Last synced: 01 Mar 2025
https://github.com/codeb0ss/cve-2023-1112-exp
CVE-2023-1112 Auto Exploiter
codeb0ss codeboss cve cve-2023 cve-2023-1112 cve-2023-1112-exp cve-2023-1112-exploiter cve-2023-1112-wp exploit uncodeboss wordpress wordpress0day wordpressexploit
Last synced: 01 Mar 2025
https://github.com/p1ckzi/cve-2022-35513
CVE-2022-35513 | blink1-pass-decrypt
blink1-pass-decrypt blink1control2 cve cve-2022-35513 exploit
Last synced: 25 Mar 2025
https://github.com/whokilleddb/CVE-2019-15107
CVE-2019-15107 Webmin Exploit in C
Last synced: 10 Mar 2025
https://github.com/iricartb/university-cybersecurity
Ivan Ricart Borges - Cybersecurity Course
auditor csrf cve cybersecurity dmz dnsmap exploits iptables-firewall iso22301 iso27001 metasploit-framework mitm nessus nmap pilar risk-management set social-engineering sql-injection virtualbox
Last synced: 03 Mar 2025
https://github.com/mbadanoiu/cve-2023-26269
CVE-2023-26269: Misconfigured JMX in Apache James
0-day cve cve-2023-26269 cves local-privilege-escalation mlet unauthenticated
Last synced: 01 Mar 2025
https://github.com/p1ckzi/CVE-2012-5519
cups-root-file-read.sh | CVE-2012-5519
cups-root-file-read cve cve-2012-5519 cves exploit hacking pentesting-tools
Last synced: 10 Mar 2025
https://github.com/soontao/cve-2017-8046-demo
SPRING DATA REST CVE-2017-8046 DEMO
Last synced: 17 Mar 2025
https://github.com/b3b0/bluebrary
📘🛠️My self-described "Blue Team Library". A collection of scripts I've used over time to remediate various vulnerabilites.
blueteam cve mitigation patching remediation
Last synced: 22 Mar 2025
