GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Mon Jun 09, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-48129 | WordPress Spreadsheet Price Changer for WooCommerce and WP E- | n/a | n/a | Visit Repo |
| CVE-2024-42049-PoC | PoC for CVE-2024-42049 | n/a | n/a | Visit Repo |
| Why-so-Serious-SAM | PoC malware that uses exploit CVE-2021-36934 (improper ACLs on | n/a | n/a | Visit Repo |
| cvear2025 | n/a | n/a | Visit Repo | |
| cventas_2025 | FastAPI-based cventas app with uv and SQLite | n/a | n/a | Visit Repo |
Sun Jun 08, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| redmagic-9spro-exploits | unfixed ex-zero day/CVEs exploits on the nubia redmagic 9spro | n/a | n/a | Visit Repo |
| cve-poc | CVE PoC repository monitoring tool - Automated discovery and t | n/a | n/a | Visit Repo |
| Blackash-CVE-2025-32756 | CVE-2025-32756-POC | n/a | n/a | Visit Repo |
| CVE-2023-27163-Request-Baskets-Local-Ports-Bruteforcer | PoC and internal port brute-forcer for CVE-2023-27163 | n/a | n/a | Visit Repo |
| CVE-2025-5840 | CVE-2025-5840 Exploit Written In Python By haxerr9 | SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload |
v4.0
MEDIUM
Score: 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
|
Visit Repo |
| CVE-2025-46041 | n/a | n/a | Visit Repo | |
| Event-ID-263-Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919- | Information disclosure |
v3.1
HIGH
Score: 8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
|
Visit Repo | |
| SOC274---Palo-Alto-Networks-PAN-OS-Command-Injection-Vulnerability-Exploitation-CVE-2024-3400- | PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-5419 | Out-of-Bounds Read/Write in Chrome V8 — Heap Corruption → | n/a | n/a | Visit Repo |
| CVE-2024-40453 | CVE-2024-40453 poc | n/a | n/a | Visit Repo |
| CVE-2023-27163-Request-Baskets | PoC for CVE-2023-27163 | n/a | n/a | Visit Repo |
| CVE-2025-22870 | PoC CVE-2025-22870 (SSRF) | HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net | n/a | Visit Repo |
| CVE-2024-51482 | CVE-2024-51482 poc | Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64 |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
Sat Jun 07, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2017-5638 | CVE-2017-5638 Exploit Rewrite In Python By haxerr9 | n/a | n/a | Visit Repo |
| Blackash-CVE-2025-0282 | CVE-2025-0282 | n/a |
v3.1
CRITICAL
Score: 9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| Blackash-CVE-2025-29927 | CVE-2025-29927 | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo |
| KTM_POCS | Reports and POCs for CVE 2024-43570 and CVE-2024-43535 | n/a | n/a | Visit Repo |
| CVE-2025-22224 | Privilege Escalation via TOCTOU Race Condition in VMware VMX | n/a |
v3.1
CRITICAL
Score: 9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| Blackash-CVE-2025-31131 | CVE-2025-31131 | Path Traversal allowing arbitrary read of files in Yeswiki |
v3.1
HIGH
Score: 8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
|
Visit Repo |
| CVE-2024-21006_POC | n/a |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
Visit Repo | |
| CVE-2025-24076 | Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 7.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo | |
| axios-CVE-2025-27152-PoC | Axios CVE-2025-27152 PoC | Possible SSRF and Credential Leakage via Absolute URL in axios Requests |
v4.0
HIGH
Score: 7.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
|
Visit Repo |
Fri Jun 06, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| Blackash-CVE-2025-4123 | CVE-2025-4123 | n/a |
v3.1
HIGH
Score: 7.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
|
Visit Repo |
| unisoc-su | A method for CVE-2025-31710 and to connect to cmd_skt to obtai | n/a | n/a | Visit Repo |
| CVE-reports | Generates detailed CVE reports by importing CVE IDs. Automatic | n/a | n/a | Visit Repo |
| CVE-2025-3102 | The SureTriggers WordPress plugin contains a critical authenti | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-46178 | n/a | n/a | Visit Repo | |
| CVE-2025-27580 | Exploit for CVE-2025-27580: A predictable token vulnerability | n/a |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-49113-exploit | Proof of Concept demonstrating Remote Code Execution through i | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| Blackash-CVE-2025-31161 | CVE-2025-31161 | n/a |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-30208 | POC | Vite bypasses server.fs.deny when using `?raw??` |
v3.1
MEDIUM
Score: 5.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
Visit Repo |
| CVE-2025-49113 | CVE-2025-49113 exploit | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| cve-2025-5054 | n/a | n/a | Visit Repo | |
| CVE-2020-5142-POC-MB | Reflected XSS found by Burp Suite in several locations on Soni | n/a | n/a | Visit Repo |
Thu Jun 05, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-0316-Exploit | WP Directorybox Manager <= 2.5 - Authentication Bypass |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-PHPGurukul-Hostel-management-system | CVE Repository For CVE-2025-PHPGurukul-Hostel-management-syste | n/a | n/a | Visit Repo |
| exploit-CVE-2025-49113 | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-0316-Exploit | WP Directorybox Manager <= 2.5 - Authentication Bypass |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-5701 | WordPress HyperComments Plugin <= 1.2.2 is vulnerable to Priv | n/a | n/a | Visit Repo |
| CVE-2025-3102 | CVE-2025-3102 – Authentication Bypass in SureTriggers WordP | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-3419 | The Eventin plugin (<= 4.0.26) for WordPress contains an unaut | n/a | n/a | Visit Repo |
| CVE-2011-0762 | Script corrigindo o exploit da CVE postado no Exploit-DB | n/a | n/a | Visit Repo |
| cve-2025-24893 | Remote code execution as guest via SolrSearchMacros request in xwiki |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-22224 | n/a |
v3.1
CRITICAL
Score: 9.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-5419 | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.