GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Sat May 10, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2024-21532-PoC-ggit | CVE-2024-21532 PoC ggit | n/a |
v3.1
HIGH
Score: 7.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
|
Visit Repo |
| Mosquitto-CVE-Proof-of-Concept-TOCTOU-and-Symlink-Vulnerability- | n/a | n/a | Visit Repo | |
| CVE-2025-20188 | n/a | n/a | Visit Repo | |
| Hacker-Search | Hacker Search is a feature-rich Chrome extension that transfor | n/a | n/a | Visit Repo |
| CVE-2025-21307 | CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo |
| CVE-2024-28752 | Apache CXF SSRF CVE-2024-28752 | Apache CXF SSRF Vulnerability using the Aegis databinding | n/a | Visit Repo |
Fri May 09, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| Kentico-Xperience-before-13.0.178---XSS-POC | PoC for CVE-2025-2748 - Unauthenticated ZIP file upload with e | n/a | n/a | Visit Repo |
| Poleposph | Tools for scan CVE-2024-25600 - WordPress Bricks Builder Remot | n/a | n/a | Visit Repo |
| CVE-2025-3605 | WordPress Frontend Login and Registration Blocks Plugin <= 1. | n/a | n/a | Visit Repo |
| Predicting-the-Exploit-Availability-for-CVEs-WITH-REGRESSION-AND-CLASSIFICATION-MODELS | This is jupyter file. | n/a | n/a | Visit Repo |
| CVE-2024-13513 | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - Sensitive Information Exposure to Privilege Escalation |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-27533-Exploit-for-Apache-ActiveMQ | exploit for CVE-2025-27533, a Denial of Service (DoS) vulnerab | n/a | n/a | Visit Repo |
| dirtyZero | Basic customization app using CVE-2025-24203. Patched in iOS 1 | n/a | n/a | Visit Repo |
| CVE-2024-38475 | CVE-2024-38475 Scanner using FFUF + Seclists | Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. | n/a | Visit Repo |
Thu May 08, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-47550 | Instantio - Wordpress Plugin <= 3.3.16 - Authenticated (Admin+ | n/a | n/a | Visit Repo |
| RCE-PoC-CVE-2021-25646 | A proof-of-concept for the CVE-2021-25646, which allows for Co | Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. | n/a | Visit Repo |
| CVE-2025-47549 | Ultimate Before After Image Slider & Gallery – BEAF <= 4.6.1 | n/a | n/a | Visit Repo |
| HTA-Exploit | Microsoft Windows HTA (HTML Application) - Pinnacle of Remote | n/a | n/a | Visit Repo |
| CVE-2021-42392-exploit-lab | n/a | n/a | Visit Repo | |
| PDF-FUD-Exploit | A meticulous scrutiny of the Exploit PDFs innards exposes a ne | n/a | n/a | Visit Repo |
| Slient-URL-Exploit | URL Contamination Exploit Muted Java Drive-By downloads can tr | n/a | n/a | Visit Repo |
| cisco-ios-xe-implant-scanner | A go-exploit to scan for implanted Cisco IOS XE Systems cve-20 | n/a | n/a | Visit Repo |
| Jpg-Png-Exploit-Slient-Builder-Exploit-Database-Cve-2023-Malware | In the hushed galleries of the Silent JPG Exploit, a symphony | n/a | n/a | Visit Repo |
| CVE-2024-6648 | n/a | n/a | Visit Repo | |
| Discord-Image-Logger-Stealer | Ephemeral discourse is embodied by the likes of Messenger Sess | n/a | n/a | Visit Repo |
| samba-trans2open-exploit-report | Exploitation report of the Samba Trans2Open vulnerability (CVE | n/a | n/a | Visit Repo |
| x-middleware-exploit | x-middleware exploit for next.js CVE-2023–46298 cache poison | n/a | n/a | Visit Repo |
| CUPS-Exploit | Heap-based buffer overflow example based on CVE-2023-4504 | n/a | n/a | Visit Repo |
| CVE-2024-57376 | CVE-2024-57376 exploit | n/a | n/a | Visit Repo |
| CVE-2024-39719 | n/a | n/a | Visit Repo | |
| Symfony-CVE-Scanner-PoC- | CVE-2021-21424 - CRLF Injection - CVE-2021-41268 - Host Heade | n/a | n/a | Visit Repo |
| CVE-2025-46271-Reverse-Shell-PoC | Planet Technology Network Products OS Command Injection |
v4.0
CRITICAL
Score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
|
Visit Repo | |
| N600R_CVE_poc | n/a | n/a | Visit Repo | |
| CVE-2023-7231 | PoC and Disclosure for CVE-2023-7231 – Memcached Gopher RCE | n/a | n/a | Visit Repo |
| VulhubPenTestingReport | Educational penetration testing using Vulhub. Recreated and do | n/a | n/a | Visit Repo |
| nuclei-template-cve-2025-31324-check | sap-netweaver-cve-2025-31324-check | Missing Authorization check in SAP NetWeaver (Visual Composer development server) |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
Wed May 07, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-28074 | n/a | n/a | Visit Repo | |
| CVE-2025-4190 | CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload | CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload | n/a | Visit Repo |
| CVE-2025-45250 | CVE-2025-45250 POC | n/a | n/a | Visit Repo |
| CVE-2024-13800 | Popup Plugin For WordPress - ConvertPlus <= 3.5.30 - Missing A | Popup Plugin For WordPress - ConvertPlus <= 3.5.30 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
|
Visit Repo |
| CVE-2025-25014 | n/a | n/a | Visit Repo | |
| CVE-2025-28073 | n/a | n/a | Visit Repo | |
| POC_Collecter_Bot | Automated CVE POC collector with a Telegram bot interface for | n/a | n/a | Visit Repo |
| CVE-2024-39722 | n/a | n/a | Visit Repo | |
| CVE-2025-27007-OttoKit-exploit | exploiting CVE-2025-27007, a critical unauthenticated privileg | WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-47423 | n/a | n/a | Visit Repo | |
| CVE-2025-31324 | Missing Authorization check in SAP NetWeaver (Visual Composer development server) |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-31125 | Vite WASM Import Path Traversal ️ | Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query |
v3.1
MEDIUM
Score: 5.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
Visit Repo |
| CVE-2025-2011 | PoC for CVE-2025-2011 - SQLi in Depicter plugin <= 3.6.1 | n/a | n/a | Visit Repo |
| CVE-2025-1974_IngressNightmare_PoC | ingress-nginx admission controller RCE escalation |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.