Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Common Vulnerabilities and Exposures (CVE)

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security

https://github.com/ariary/CVE-2021-25741

🪄 Instant shell on kubernetes node with CVE-2021-25741 exploit adaptation

cve hostpath infosec k8s-security kubernetes poc

Last synced: 23 Oct 2024

https://github.com/l0nax/CVE-2019-15053

(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053

cve cve-2019-15053 exploit poc proof-of-concept vulnerability

Last synced: 23 Oct 2024

https://github.com/SpamixOfficial/CVE-2023-38831

CVE-2023-38831 Proof-of-concept code

cve cve-2023-38831 poc proof-of-concept rust

Last synced: 23 Oct 2024

https://github.com/shamo0/CVE-2022-1388

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC

1388 2022 bash bigip cve cve-2022-1388 exploit f5 icontrol python rest script shell vulnerabilit

Last synced: 23 Oct 2024

https://github.com/michaelpgalen/CVE-DataVis-Prototype-JS

A vanilla javascript prototype for a React data visualization project.

cve data-visualization vanilla-javascript vanilla-js

Last synced: 23 Oct 2024

https://github.com/Sneezry/vscode-cve

Show security alert for vulnerable dependencies of Node projects

audit cve nodejs vscode-extension

Last synced: 23 Oct 2024

https://github.com/richlamdev/dependabot-slack

Github Dependabot Alert Scraper with Send to Slack Channel Option, Software Composition Analysis, Vulnerabilty Management, Patching, Supply Chain Security

api cve cvss cvss3 dependabot github patching python rest-api sca scaper supplychain vulnerability-management

Last synced: 23 Oct 2024

https://github.com/sneezry/vscode-cve

Show security alert for vulnerable dependencies of Node projects

audit cve nodejs vscode-extension

Last synced: 17 Oct 2024

https://github.com/password123456/nvd-cve-database

The Common Vulnerabilities Exposures (CVE) Database

cve nvd vulnerability-databases vulnerability-identification

Last synced: 08 Nov 2024

https://github.com/travispaul/node-nvd-search

(Unofficial) node module to fetch, cache, and perform offline search of the NIST National Vulnerability Database.

cve nvd

Last synced: 05 Nov 2024

https://github.com/whokilleddb/cve-2019-17662

Exploit for CVE-2019-17662 (ThinVNC 1.0b1)

cve cve-2019-17662 exploit poc thinvnc

Last synced: 08 Nov 2024

https://github.com/s9ra16bf4/exploits

Proof-of-concept for known security issues

cve cve-2019-13623 exploit exploits ghidra golang

Last synced: 08 Nov 2024

https://github.com/spamixofficial/cve-2023-38831

CVE-2023-38831 Proof-of-concept code

cve cve-2023-38831 poc proof-of-concept rust

Last synced: 06 Nov 2024

https://github.com/momenbasel/naggets

old CTF I've made sharing it publicly.

ctf ctf-challenges ctf-platform ctf-playground cve exploit nagios

Last synced: 11 Oct 2024

https://github.com/peiwithhao/hacker-university-of-peiwithhao

peiwithhao's learning journey in network/system security

archlinux course cve fuzzing linux-kernel linux-kernel-module university

Last synced: 12 Oct 2024

https://github.com/ppxl/harbor-cve-finder

Comfortably find CVEs in your Harbor container image registry

container cve harbor-registry registry

Last synced: 13 Oct 2024

https://github.com/vollkorntomate/cvedash

CVEs on a Dashboard

cve dashboard nvd

Last synced: 18 Oct 2024

https://github.com/brayanhenao/cve-notifications-app

It is an application that monitors new CVEs that are announced for the dependencies that are being tracked and notify them via Slack Webhook message to a specific channel.

cve go slack

Last synced: 08 Nov 2024

https://github.com/raul23/equifax-data-breach

Researching the 2017 Equifax data breach. Saving important notes about this infamous case.

apache attribution cve data-breach equifax java network-intrusion notes vulnerability

Last synced: 14 Nov 2024

https://github.com/muchdogesec/cpe2stix

A command line tool that turns NVD CPE records into STIX 2.1 Objects.

cpe cve nvd stix2

Last synced: 12 Nov 2024

https://github.com/muchdogesec/cti_knowledge_base_store

A repository that stores CTI Knowledge-bases in versioned STIX 2.1 Bundles.

cpe cve disarm mitre-attack mitre-capec mitre-cwe nvd sigma-rules stix2 stix2-extensions yara yara-rules

Last synced: 12 Nov 2024

https://github.com/sa7mon/vulnchest

A collection of vulnerable applications for research purposes

bugbounty cve infosec

Last synced: 12 Nov 2024

https://github.com/codeb0ss/webshell_executor

Advanced Software To Scan Webshells With The Best Features - For SEO Webshells/SEO Companies.

0day china codeb0ss codeboss cve exploit high-da lufix olux rce-exploit shell shell-exploit webshell webshell-backdoor webshell-detect webshell-exploit wso xleet

Last synced: 13 Nov 2024

https://github.com/mauricelambert/cve-2021-41773

These Metasploit, Nmap, Python and Ruby scripts detects and exploits CVE-2021-41773 with RCE and local file disclosure.

cve cve-2021-41773 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 14 Nov 2024

https://github.com/mauricelambert/cve-2021-42013

These Nmap, Python and Ruby scripts detects and exploits CVE-2021-42013 with RCE and local file disclosure.

cve cve-2021-42013 detection exploit metasploit nmap python3 rce ruby scanner vulnerability

Last synced: 14 Nov 2024

https://github.com/postmodern/nvd-json_feeds.rb

Provides a Ruby API to NVD JSON Feeds.

cve feeds gem json nvd parser ruby

Last synced: 14 Nov 2024

https://github.com/steake/cve-tracker

Track latest CVE PoCs on Github and Gitlab.

cve cve-tracker cve-tracking exploit github gitlab tracker

Last synced: 30 Oct 2024

https://github.com/vincentscode/cve-2024-34312

☣️ This repository contains the description and a proof of concept for CVE-2024-34312

cve security-research

Last synced: 13 Nov 2024

https://github.com/jmousqueton/2022-openssl-scan

OpenSSL v3.x scanner for Linux (bash) and Windows (Powershell)

bash cve linux openssl scan security vulnerability

Last synced: 10 Nov 2024

https://github.com/msantos/cvecat

Command line utility to format and write CVE data to stdout

cve

Last synced: 02 Nov 2024

https://github.com/Live-Hack-CVE/Discussions

General discution about CVE and security issues

audit cve discussion security

Last synced: 23 Oct 2024

https://github.com/hihouhou/huginn_debian_security_bug_tracker_agent

huginn agent to check CVE for debian OS packages

cve debian huginn huginn-agent

Last synced: 01 Nov 2024

https://github.com/soerenschneider/conditional-reboot

orchestrates the execution of reboots to ensure security and stability of your infrastructure

automation cve kernel-update reboot security-update

Last synced: 24 Oct 2024

https://github.com/mdnagency/prestashop-mdn_secucheck

PrestaShop module designed to enhance the security of your e-commerce store by scanning and checking for published Common Vulnerabilities and Exposures (CVE) related to both installed modules and the PrestaShop core.

cve prestashop prestashop-module security

Last synced: 13 Oct 2024

https://github.com/athiththan11/wso2-cve-extractor

CLI Tool to extract the related WSO2 Security Advisory information of CVE

cve scraper wso2

Last synced: 08 Nov 2024

https://github.com/stackoverflowexcept1on/cve-2021-36393

Error-based blind SQL injection with bit-shifting approach for Moodle 3.10.4

cve moodle sql-injection vulnerability

Last synced: 12 Nov 2024

https://github.com/codexlynx/cve-2019-25024

Full exploit code for CVE-2019-25024 an unauthenticated command injection flaw in OpenRepeater.

cve cve-2019-25024 exploit mitre openrepeater vulnerability

Last synced: 10 Nov 2024

https://github.com/hangxingliu/node-cve

🛡 Collection about Node.js CVE and PoC

cve nodejs poc

Last synced: 11 Nov 2024

https://github.com/anthonyharrison/cvss

Utilities for manipulating CVSS vulnerability metric

cve cvss cvssv3 metrics security vulnerability-assessment

Last synced: 07 Nov 2024

https://github.com/password123456/analyzed-cvelist

New CVEs requiring verification and analysis, Everyday

cve cve-advisory cve-alert cve-finding cve-list cve-scanning cve-search

Last synced: 08 Nov 2024

https://github.com/mchmarny/vul

End-to-end solution for tracking image vulnerabilities over time using most popular open source scanners (e.g. grype, snyk, trivy).

container cve exposure vulnerability

Last synced: 08 Nov 2024

https://github.com/reconmap/pentest-reports-vulnerabilities

Vulnerability database and API

api cve database nvd vulnerability

Last synced: 11 Nov 2024

https://github.com/3llena/libs-from-stacktrace

sniping module map from nt user thread init

3llena cve cxx23 gpl libre nt10 public research rtl usermode

Last synced: 23 Oct 2024

https://github.com/EdoWhite/CVEtoMS

CVE id to MS id

cve python python3

Last synced: 23 Oct 2024

https://github.com/CVEDB/CVSS-Calculator

CVSS (Common Vulnerability Scoring System) Calculator

cve cvs-export cvs-project cvssv3

Last synced: 23 Oct 2024

https://github.com/exfil0/test_iconv

This repository contains a C program to test for CVE-2024-2961, a buffer overflow vulnerability in the iconv() function of glibc.

buffer cve cve-202402961 glibc iconv overflow pentest test vulnerability

Last synced: 09 Nov 2024

https://github.com/adamalston/Meltdown-Spectre

Meltdown & Spectre - catastrophic vulnerabilities - exploited 🛡️

cve meltdown meltdown-demo security spectre spectre-demo vulnerability

Last synced: 23 Oct 2024

https://github.com/Yashodhanvivek/Firebolt-wristphone-vulnerability

This repository is for Firebolt wristphone vulnerability for CVE ID CVE-2024-30656 suggested by MITRE. Mitre yet to confirm on ID

cve firebolt vulnerability wifi-deauth wifi-deauther wifi-hacking wifi-security wristphone

Last synced: 23 Oct 2024

https://github.com/Live-Hack-CVE/.github

This is the Github config repo. Feel free to make an pull request !

cve exploit github github-config live-hack readme soc

Last synced: 23 Oct 2024

https://github.com/mbadanoiu/CVE-2021-46364

CVE-2021-46364: YAML Deserialization in Magnolia CMS

cve cve-2021-46364 cves

Last synced: 23 Oct 2024

https://github.com/gsmith257-cyber/BIT3434CVE

BI T3434 Project on data mining CVEs and Exploits

cve data data-mining exploits research-project

Last synced: 23 Oct 2024

https://github.com/mbadanoiu/CVE-2023-40037

CVE-2023-40037: Incomplete Validation of JDBC and JNDI Connection URLs in Apache NiFi

cve cve-2023-40037 cves

Last synced: 23 Oct 2024

https://github.com/mbadanoiu/CVE-2023-26269

CVE-2023-26269: Misconfigured JMX in Apache James

cve cve-2023-26269 cves

Last synced: 23 Oct 2024

https://github.com/codeb0ss/cve-2024-20353-poc

Mass Exploit - CVE-2024-20353 [Cisco] < Unauthenticated < Denial Of Service

cisco cisco-cve cisco-exp cisco-ios cisco-vuln codeb0ss cve cve-2024 cve-2024-20353 cve-2024-20353-exp cve-2024-20353-poc uncodeboss

Last synced: 13 Nov 2024

https://github.com/codexlynx/CVE-2019-25024

Full exploit code for CVE-2019-25024 an unauthenticated command injection flaw in OpenRepeater.

cve cve-2019-25024 exploit mitre openrepeater vulnerability

Last synced: 23 Oct 2024

https://github.com/extra2000/markakd-CVE-2022-2588

Exploit for CVE-2022-2588 by [Markakd](https://github.com/Markakd)

cve cve-poc

Last synced: 23 Oct 2024

https://github.com/codeb0ss/CVE-2023-20073-

Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]

0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router

Last synced: 23 Oct 2024

https://github.com/codeb0ss/cve-2023-20073-

Mass Exploit - CVE-2023-20073 - Cisco VPN Routers - [Unauthenticated Arbitrary File Upload and Stored XSS]

0day bug bugbounty cisco codeb0ss codeboss cve cve-2023-20073 exploit hackerone mass mass-exploit uncodeboss vpn-router

Last synced: 13 Nov 2024

https://github.com/codeb0ss/cve-2023-39143

CVE-2023-39143 < PaperCut < Path Traversal (PT)

0day codeb0ss codeboss cve cve-2023-39143 exploiter hackerone papercut

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42560

CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera

0-day authenticated cve cve-2021-42560 cves xxe

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42559

CVE-2021-42559: Command Injection via Configurations in MITRE Caldera

0-day authenticated cve cve-2021-42559 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-24818

CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools

0-day cve cve-2022-24818 cves deserialization remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42558

CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera

0-day cross-site-scripting cve cve-2021-42558 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46362

CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS

0-day cve cve-2021-46362 cves server-side-template-injection unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46366

CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS

0-day csrf cve cve-2021-46366 cves open-redirect

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-46363

CVE-2021-46363: Formula Injection in Magnolia CMS

0-day authenticated csv-injection cve cve-2021-46363 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-8254

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

0-day cve cve-2020-8254 cves remote-code-execution user-interaction zip-slip

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-20253

CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower

0-day cve cve-2021-20253 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2022-40634

CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

0-day authenticated bypass cve cve-2020-25803 cve-2022-40634 cves remote-code-execution server-side-template-injection

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-34693

CVE-2024-34693: Server Arbitrary File Read in Apache Superset

0-day arbitrary-file-read cve cve-2024-34693 cves

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-12641

CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail

0-day cve cve-2020-12641 cves remote-code-execution unauthenticated

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2019-9849

CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice

0-day bypass cve cve-2019-9849 cves server-side-request-forgery

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-37081

CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

0-day authenticated cve cve-2024-37081 cves local-privilege-escalation

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-22274

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

0-day authenticated cve cve-2024-22274 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2024-22275

CVE-2024-22275: Partial File Read in VMware vCenter Server

0-day authenticated cve cve-2024-22275 cves file-read

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2023-51518

CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James

0-day cve cve-2023-51518 cves deserialization local-privilege-escalation pre-authentication

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42562

CVE-2021-42562: Improper Access Control in MITRE Caldera

0-day authenticated cve cve-2021-42562 cves insecure-direct-object-reference

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2021-42561

CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

0-day authenticated cve cve-2021-42561 cves remote-code-execution

Last synced: 13 Nov 2024

https://github.com/mbadanoiu/cve-2020-13965

CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail

0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated

Last synced: 13 Nov 2024