cves

There are 2 repositories under cves topic.

• peass-ng / BotPEASS

  Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.

  peasscvemonitoringprivesctelegramslackbotcves
  Language:Python 257
• CVE2CAPEC

  Galeax / CVE2CAPEC

  Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated daily. Showcased at BlackHat Europe 2025 Arsenal.

  capeccvecvescwecybersecurityinfosecinfosectoolsmitre-attackmitre-attack-dbmitre-attack-navigatormitre-capecmitre-cwettpblackhatblackhat-arsenald3fendmitre-d3fendmitre-defendblackhateurope-2025
  Language:Python 245

• iamunixtz / Lazy-Hunter

  LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs

  bughunterbughuntingcvesportreconscannerscanner-webcveshunterlazyhunterreconcves
  Language:Python 220

• HyCraftHD / Log4J-RCE-Proof-Of-Concept

  Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information

  cvescve-2021-44228cveminecraftexploitlog4jlog4j2
  Language:Java 181

• tg12 / PoC_CVEs

  PoC_CVEs

  cvecve-2020-0796cve-2021-44228cve-scanningcve-searchcvespoc
  166

• anmolksachan / ThreatTracer

  ThreatTracer - A python Script to identify CVE by name & version and more by @FR13ND0x7F

  automationbountybugbugbountycvecveshackeroutdatedpentestpentestingpocpythonstepstoolverification
  Language:Python 137
• php-version-audit

  lightswitch05 / php-version-audit

  Audit your PHP version for known CVEs and patches

  security-auditphpcomposer-packagedocker-imagesecurity-scannerphp-librarysecuritycvesauditphp-securityhacktoberfest
  Language:PHP 113

• DrunkenShells / Disclosures

  Public Disclosures

  cvecves0day0-daysecurity
  Language:HTML 91

• drcrypterdotru / BurnWP-Framework

  BurnWP Advanced Exploiter System instead Scanner & Custom Plugin for Pentester

  autoexploitermassmultiscannertargetxattackerxvulnbulkcrossplatformscanner-webvulnerabilitypenetration-testingcvesbugbounty
  Language:Python 76

• parthdmaniar / coronavirus-covid-19-SARS-CoV-2-IoCs

  All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns

  cvesindicator-of-compromiseiocioc-filesthreat-intelligence
  65

• mbadanoiu / CVE-2024-22274

  CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

  0-dayauthenticatedcvecve-2024-22274cvesremote-code-execution
  39

• coinbase / salus

  We would like to request that all contributors please clone a *fresh copy* of this repository since the September 21st maintenance.

  auditbrakemancirclecicoinbasecvesgolanggosecjsnpmruby-on-railssalussecurity-scannersecurity-scannerssecurity-toolsstatic-analysisyarn
  Language:HTML 29

• r3volved / CVEAggregate

  Build a CVE library with aggregated CISA, EPSS and CVSS data

  cisacisa-kevcvecve-searchcvescvsscvss2cvss3cvssv2cvssv3epssno-dependenciesnodependencevulnerabilitiesvulnerability-assessmentvulnerability-management
  Language:JavaScript 29

• SecNN / SecNN-Wiki

  Wiki漏洞库管理系统&网络安全知识库-渗透测试常见漏洞知识库文档-该网站收集了Web应用层漏洞、中间件安全缺陷、系统配置不当、移动端（Android）安全问题、权限提升、RCE、网络设备及IOT安全。

  cvecvescyber-securitycybersecurityexploitpayloadpentestpentestingpentesting-toolspocredteamredteam-toolssecuritysecurity-scanvlunwikiandroidiotsecuritywebscanwebscanner
  28
• node-version-audit

  lightswitch05 / node-version-audit

  Audit your Node version for known CVEs and patches

  auditcve-scanningcvesdocker-imagenodenode-jsnodejsnpm-packagesecuritysecurity-auditsecurity-scannersecurity-tools
  Language:JavaScript 25

• prodigiousMind / CVE-2023-41425

  WonderCMS Authenticated RCE - CVE-2023-41425

  cvecvesexploitrce-exploitwondercms
  Language:Python 25

• plasticuproject / nvd_api

  An unofficial, RESTful API for NIST's NVD

  nistnvdnist-databasecvecve-searchpythonflaskrest-apiapirestfulflask-restfulcvesnist-nvdnvd-apikeyword-searchkeywordrestful-apirestinfoseccyber-security
  Language:Python 23

• mbadanoiu / CVE-2025-31644

  CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP

  0-dayauthenticatedcommand-injectioncvecvescve-2025-31644
  22

• mbadanoiu / CVE-2025-20029

  CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP

  0-dayauthenticatedcommand-injectioncvecve-2025-20029cves
  20

• chnzzh / iDRAC-CVE-lib

  CVEs for Integrated Dell Remote Access Controller (iDRAC)

  bmccvesidrac
  19
• ez-iRZ

  SakuraSamuraii / ez-iRZ

  Exploit for CVE-2022-27226

  exploitscve-2022-27226cvessakurasamuraii
  Language:Python 15

• udaykor / vulnhub

  Search NVD locally

  nvdcvesvulnerabilitiescvecpecwenistautomationgraphqlneo4j
  Language:TypeScript 14

• CERTCC / exploitdb

  CERT/CC's fork of the official Exploit Database repository in which we are tagging commits that include vulnerability IDs. The first commit for an ID we recognize gets the tag for that ID. Aside from adding git tags, we do not otherwise modify the code. Updates hourly.

  vulnerability-identificationcvecvescve-searchcve-searchsploitvulnerability-intelligence
  Language:C 11

• InesMartins31 / iot-cves

  IoT CVEs as abnormal events to evaluate a real-time host-based IDS. https://doi.org/10.1016/j.future.2022.03.001

  anomaly-detectioncvesdatasethost-basedidsiotreal-timesecuritystream-processing
  Language:Dockerfile 11

• whitehatboy005 / JSON2YAML-CVE

  JSON2YAML is a Python-based utility that simplifies the process of converting CVE (Common Vulnerabilities and Exposures) data from JSON format into well-structured YAML files. This tool allows security analysts and developers to easily manage, analyze, and integrate CVE data into their vulnerability management systems.

  convertorcvesjsonjson2yamlpython3nuclei-templatestemplate
  Language:Python 11

• mbadanoiu / CVE-2024-34693

  CVE-2024-34693: Server Arbitrary File Read in Apache Superset

  0-dayarbitrary-file-readcvecvescve-2024-34693
  10

• mbadanoiu / CVE-2024-37081

  CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

  0-dayauthenticatedcvecveslocal-privilege-escalationcve-2024-37081
  10
• CVE-2012-5519

  p1ckzi / CVE-2012-5519

  cups-root-file-read.sh | CVE-2012-5519

  hackingcvecvescve-2012-5519cups-root-file-readpentesting-toolsexploit
  Language:Shell 9
• Epimetheus

  0x4meliorate / Epimetheus

  Receive notifications/alerts on the most recent disclosed CVE's.

  cvecvesexploitexploitsmitrevulnerabilitiesvulnerabilityvulnerability-detectionvulnerability-scanners
  Language:Python 8

• MindPatch / latestpocs

  Latest PoC exploit & Writeups

  cvespentestingpocproof-of-conceptsecurity
  Language:Python 8

• Vimru / taps

  True Arch package security - audit your system and query packages

  tapsarchvulnerable-packagescvesadvisoriessecurity
  Language:Python 8

• mbadanoiu / CVE-2023-49964

  CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco

  0-dayauthenticatedbypasscvecvesremote-code-executionserver-side-template-injectioncve-2023-49964cve-2020-12873
  6

• errorecho / CVEs-Collection

  CVEs collection

  cvescollectionexploitdocker-composepoc
  Language:Python 4
• inntinn

  Heretyc / inntinn

  Meta risk analysis and scoring system based on open-source fully automated intelligence gathering

  pythonexploitdbnvdsecurities-and-exchange-commissionmongodbsecuritysecurity-toolsosintnosqldatabasecvescvenistsanicsanic-frameworksanic-projectswaggeropenapi
  Language:Python 4

• mbadanoiu / CVE-2023-34468

  CVE-2023-34468: Remote Code Execution via DB Components in Apache NiFi

  0-dayauthenticatedcvecvesremote-code-executioncve-2023-34468
  4

• awwfensive / cWee

  cWee is an advanced CVE (Common Vulnerabilities and Exposures) searching tool, built on top of the powerful nvdlib library.

  cvecve-scanningcvessecuritysecurityresearch
  Language:HTML 3