GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Mon Aug 18, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
WinRAR-CVE-2025-8088-Path-Traversal-PoC | Proof-of-Concept for CVE-2025-8088 vulnerability in WinRAR (pa | n/a | n/a | Visit Repo |
CVE-2025-54253-Exploit-Demo | CVE-2025-54253 exploit demo for Adobe AEM Forms on JEE: OGNL | n/a | n/a | Visit Repo |
CVE-2024-34102 | | XXE can expose crypt key and other secrets granting full admin access | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
coolermaster-masterctrl-vuln | CVE-2025-52216 – Cooler Master MasterCTRL Silent Installatio | n/a | n/a | Visit Repo |
CVE-2025-53770-Checker | CVE-2025-53770 SharePoint Deserialization Vulnerability Checke | Microsoft SharePoint Server Remote Code Execution Vulnerability | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C | Visit Repo |
CVE-2024-47533-PoC | | Cobbler allows anyone to connect to cobbler XML-RPC server with a known password and make changes | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-3660-PoC | A PoC for CVE-2024-3660. Arbitrary Code Execution in Keras. | Arbitrary code injection vulnerability in Keras framework < 2.13 | n/a | Visit Repo |
exploit-js2py | The CVE-2024-28397 vulnerability affects versions of js2py up | n/a | n/a | Visit Repo |
PoCs-and-Exploits | A repository containing all of the exploits I discovered and/o | n/a | n/a | Visit Repo |
CVE-2025-51529 | Incorrect Access Control in the AJAX endpoint functionality in | n/a | n/a | Visit Repo |
zeroheight-account-verification-bypass-CVE-2025-XXXX | Independent security finding – Zeroheight account creation b | n/a | n/a | Visit Repo |
CVE-2025-26788 | | n/a | v3.1 HIGH, Score: 8.4, CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L | Visit Repo |
oob_entry | oob_entry tfp0 kernel exploit for armv7 iOS (iOS 3.0–10.3.4) | n/a | n/a | Visit Repo |
CVES | A repository to host all of my CVEs and writeups and exploits | n/a | n/a | Visit Repo |
CVE-2024-47533-Cobbler-XMLRPC-Authentication-Bypass-RCE-Exploit-POC | CVE-2024-47533 is a critical authentication bypass vulnerabili | Cobbler allows anyone to connect to cobbler XML-RPC server with a known password and make changes | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-8088-WinRAR-PathTraversal-PoC | | n/a | n/a | Visit Repo |
CVE-2025-50154-Aggressor-Script | | n/a | n/a | Visit Repo |
CVE-2025-6934 | CVE-2025-6934 is a critical vulnerability in the WordPress Opa | Opal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation via 'on_regiser_user' | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
rollback_car_attack_proverif | ProVerif proof of concept of the Rollback attack on car keyfob | n/a | n/a | Visit Repo |
CVE-2018-7600 | PoC of CVE-2018-7600 | n/a | n/a | Visit Repo |
CVE-2024-28397-command-execution-poc | This vulnerability arises from incomplete sandboxing in js2py, | n/a | n/a | Visit Repo |
ToolShell-CVE-2025-53770-SharePoint-Exploit-Lab-LetsDefend | | Microsoft SharePoint Server Remote Code Execution Vulnerability | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C | Visit Repo |
jr-cve-finder | This repository contains a curated list of CVE vulnerabilities | n/a | n/a | Visit Repo |
CVE-2025-7771 | ThrottleStop.sys, a legitimate driver, exposes two IOCTL inter | Code Execution / Escalation of Privileges in ThrottleStop | v4.0 HIGH, Score: 8.7, CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H | Visit Repo |
Slient-URL-Exploit | URL Contamination Exploit Muted Java Drive-By downloads can tr | n/a | n/a | Visit Repo |
CVE-2025-49132_poc | This is an improved version of the CVE-2025-49132 proof of con | n/a | n/a | Visit Repo |
CVE-CVE-2025-25231 | | n/a | n/a | Visit Repo |
CVE-2025-8875-CVE-2025-8876 | Detection for CVE-2025-8875 & CVE-2025-8876 | n/a | n/a | Visit Repo |
CVE-2017-11317-auto-exploit- | | n/a | n/a | Visit Repo |
CVE-2025-8088-Multi-Document | Exploit systems using older WinRAR | n/a | n/a | Visit Repo |
Awesome-Hacking-Learning-Path | A comprehensive hacking learning path covering Pentesting, OSI | n/a | n/a | Visit Repo |
My-CVE-Arsenal | The exploit own my hand | n/a | n/a | Visit Repo |
Follina-Vulnerability-CVE-2022-30190-Exploit-Analysis | Exploration of the Follina (CVE-2022-30190) Microsoft Office v | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | v3.1 HIGH, Score: 7.8, CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C | Visit Repo |
CVE-2025-8088-Winrar-Tool | Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088 | n/a | n/a | Visit Repo |
CVE-2025-8971 | Sql injection in itsourcecode Online Tour and Travel Managemen | n/a | n/a | Visit Repo |
CVE-2025-24813 | | Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT | n/a | Visit Repo |
CVE-2025-9090 | Command Injection in Tenda AC20 16.03.08.12 (/goform/telnet) | n/a | n/a | Visit Repo |
CVE-2025-49667 | Windows Win32 Kernel Subsystem | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | v3.1 HIGH, Score: 7.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
CVE-2018-7422 | Exploit for CVE-2018-7422: Local File Inclusion in WordPress P | n/a | n/a | Visit Repo |
PoC_CVE-2025-54887 | Proof of Concept for CVE-2025-54887 | jwe: Missing AES-GCM authentication tag validation in encrypted JWEs | v3.1 CRITICAL, Score: 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo |
CVE-2017-11882 | Simple PoC of CVE-2017-11882 | n/a | n/a | Visit Repo |
CVE-2025-5419 | Dissecting CVEin Chrome | n/a | n/a | Visit Repo |
Bug-bounty-pentesting-and-CVE-trends | A practical attacker’s shortlist of technologies that tend t | n/a | n/a | Visit Repo |
CVE-2025-50461 | Technical Details and Exploit for CVE-2025-50461 | n/a | n/a | Visit Repo |
Discord-Image-Logger-Stealer | Ephemeral discourse is embodied by the likes of Messenger Sess | n/a | n/a | Visit Repo |
CVE-2025-24893 | PoC exploit for XWiki Remote Code Execution Vulnerability (CVE | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-0520_try | | Remote Code Execution due to Full Controlled File Write in mlflow/mlflow | v3.0 CRITICAL, Score: 10, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-53770 | CVE-2025-53770 - SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C | Visit Repo |
watchTowr-vs-FortiSIEM-CVE-2025-25256 | | n/a | n/a | Visit Repo |
CVE-2025-53778-Exploit | | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.