GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Sat May 31, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-5287 | WordPress Likes and Dislikes - SQL Injection | n/a | n/a | Visit Repo |
| CVE-2025-30397---Windows-Server-2025-JScript-RCE-Use-After-Free- | Remote Code Execution via Use-After-Free in JScript.dll (CVE-2 | Scripting Engine Memory Corruption Vulnerability |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
|
Visit Repo |
| CVE-2024-11234 | practicing assembly by recreating an exploit i wrote in python | Configuring a proxy in a stream context might allow for CRLF injection in URIs |
v3.1
MEDIUM
Score: 4.8
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
|
Visit Repo |
| CVE-2025-5319 | USOM Tarafından resmi yayın beklenmektedir. | n/a | n/a | Visit Repo |
| CVE-2025-29632 | the information for the vulnerability covered by CVE-2025-2963 | n/a | n/a | Visit Repo |
| CVE-2025-30208-31125-31486-32395 | Vite bypasses server.fs.deny when using `?raw??` |
v3.1
MEDIUM
Score: 5.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
Visit Repo | |
| exploitLog | CVE Analysis Blog Developement | n/a | n/a | Visit Repo |
| Moniker-Link-CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo | |
| vulnerable-nextjs-14-CVE-2025-29927 | vulnerable-nextjs-14-CVE-2025-29927 | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo |
| CVE-2025-47577 | WordPress TI WooCommerce Wishlist Plugin <= 2.9.2 Arbitrary Fi | n/a | n/a | Visit Repo |
| CVE-2025-2995 | Tenda FH1202 Web Management Interface SysToolChangePwd access control |
v4.0
MEDIUM
Score: 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
|
Visit Repo | |
| CVE-2021-26828-Ultimate | ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CV | n/a | n/a | Visit Repo |
| CVE-2025-2760 | CVE-2025-2760 – Integer Overflow in GIMP XWD File Parsing | GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability |
v3.0
HIGH
Score: 7.8
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-48827 | Critical Unauthenticated API Access in vBulletin | n/a |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| ti-a-ti-cveexploitchecker | Determines if public exploits are available for a given CVE. U | n/a | n/a | Visit Repo |
| CVE-2025-5329 | USOM Tarafından resmi yayın beklenmektedir. | n/a | n/a | Visit Repo |
| CVE-2025-4631 | Profitori 2.0.6.0 - 2.1.1.3 - Missing Authorization to Unauthe | n/a | n/a | Visit Repo |
Wed May 28, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| cve-auto-exploit-agent | n/a | n/a | Visit Repo | |
| AISA-Scanner | AISA-Scanner is an AI-powered autonomous vulnerability scanner | n/a | n/a | Visit Repo |
| CVE-2025-22252 | CVE-2025-22252 – Authentication Bypass in Fortinet Products | n/a | n/a | Visit Repo |
| CVE-2024-28995 | SolarWinds Serv-U Directory Traversal | SolarWinds Serv-U L Directory Transversal Vulnerability |
v3.1
HIGH
Score: 8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
|
Visit Repo |
| CVE-2018-8097-PoC | POC for CVE-2018-8097 This script exploits CVE-2018-8097 and c | n/a | n/a | Visit Repo |
| CVE-2024-32462 | CVE-2024-32462 code exec sbx escape | Flatpak vulnerable to a sandbox escape via RequestBackground portal due to bad argument parsing |
v3.1
HIGH
Score: 8.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
|
Visit Repo |
| CVE-2025-5287 | WordPress Likes and Dislikes Plugin <= 1.0.0 is vulnerable to | n/a | n/a | Visit Repo |
| SMB_CVE-2025-24071 | Exploited CVE-2025-24071 via SMB by hosting a .library-ms file | Microsoft Windows File Explorer Spoofing Vulnerability |
v3.1
MEDIUM
Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
|
Visit Repo |
| cve-2024-4577 | Argument Injection in PHP-CGI |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-2539 | File Away <= 3.9.9.0.1 - Missing Authorization to Unauthentica | File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
Visit Repo |
Tue May 27, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| ICMP-Timestamp-POC | A reconnaissance tool to detect CVE-1999-0524 (ICMP Timestamp | n/a | n/a | Visit Repo |
| CVE-2025-24071-PoC | A simple proof of concept for CVE-2025-24071 | Microsoft Windows File Explorer Spoofing Vulnerability |
v3.1
MEDIUM
Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
|
Visit Repo |
| CVE-2023-40130 | PoC of CVE-2023-40130 | n/a | n/a | Visit Repo |
| CVE-2024-8682 | JNews - WordPress Newspaper Magazine Blog AMP Theme <= 11.6.6 - Unauthorized User Registration |
v3.1
MEDIUM
Score: 5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
Visit Repo | |
| dockout | Red-team oriented CVE exploitation framework for container esc | n/a | n/a | Visit Repo |
| log4shell-homework9 | Log4Shell (CVE-2021-44228) exploit demo for SEAS 8405. Include | n/a | n/a | Visit Repo |
| CVE-2025-3248 | Perform Remote Code Execution using vulnerable API endpoint. | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
Mon May 26, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-4389 | Crawlomatic Multipage Scraper Post Generator <= 2.6.8.1 - Unau | n/a | n/a | Visit Repo |
| DLL-for-2024-38014 | The DLL for CVE-2024-38014 | n/a | n/a | Visit Repo |
| CVE-2024-38014 | Windows Installer Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
|
Visit Repo | |
| Go_vuln_scan | 用于快速匹配库中url的cms,读取出使用的cms与� | n/a | n/a | Visit Repo |
| Wing-FTP-Server-7.4.4-RCE-Authenticated | Wing FTP Server provides an administrative Lua scripting conso | n/a | n/a | Visit Repo |
| CVE-POC-JAGAT | n/a | n/a | Visit Repo | |
| ChromSploit-Framework | Advanced AI-Powered Exploitation Framework | CVE-2025-4664 & | n/a | n/a | Visit Repo |
| CVE-2025-32421 | n/a | n/a | Visit Repo | |
| CVE-2024-55591-POC | n/a |
v3.1
CRITICAL
Score: 9.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C
|
Visit Repo | |
| CVE-2025-29927 | Python-based smart scanner for CVE-2025-29927 — Next.js mid | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo |
| CVE-2025-27363 | n/a |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H
|
Visit Repo | |
| CVE-2025-46173 | poc for the CVE-2025-46173 | n/a | n/a | Visit Repo |
| unlimted-cve | collect cve and exploit | n/a | n/a | Visit Repo |
| CVE-2025-24071 | Windows File Explorer Spoofing Vulnerability - CVE-2025-24071 | Microsoft Windows File Explorer Spoofing Vulnerability |
v3.1
MEDIUM
Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
|
Visit Repo |
| CVE-2020-11097-POC | POC TO CRASH FREERDP USING CVE-2020-11097 | OOB read in ntlm_av_pair_get in FreeRDP |
v3.1
LOW
Score: 3.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
|
Visit Repo |
| CVE-2025-2907 | Order Delivery Date Pro for WooCommerce < 12.3.1 - Unauthentic | Order Delivery Date Pro for WooCommerce < 12.3.1 - Unauthenticated Arbitrary Option Update | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.