GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Tue Apr 22, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
FOXCMS-CVE-2025-29306-POC | | n/a | n/a | Visit Repo |
TRAI-001-Critical-RCE-Vulnerability-in-Apache-Parquet-CVE-2025-30065-Simulation | A CVSS 10.0-rated vulnerability in the parquet-avro Java modul | Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata | v4.0 CRITICAL, Score: 10, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H | Visit Repo |
CVE-2025-43919-POC | A new vulnerability has been discovered in GNU Mailman 2.1.39, | n/a | v3.1 MEDIUM, Score: 5.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | Visit Repo |
swa20250422031chj2zy8d3cvekhdprezlu | swa20250422031chj2zy8d3cvekhdprezlu | n/a | n/a | Visit Repo |
CVE-2025-31161 | CrushFTP CVE-2025-31161 Exploit Tool | n/a | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Mon Apr 21, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
openpoc | Aggregates multiple data sources related to CVE exploits/PoC. | n/a | n/a | Visit Repo |
PDF-EXPLOIT | Convert your executables into PDF files with embedded exploits | n/a | n/a | Visit Repo |
CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE-PoC | A critical RCE vulnerability has been identified in the Wazuh | Remote code execution in Wazuh server | v3.1 CRITICAL, Score: 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H | Visit Repo |
CVE-2024-28987 | Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web He | SolarWinds Web Help Desk Hardcoded Credential Vulnerability | v3.1 CRITICAL, Score: 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo |
CVE-2021-34371 | python exploit - Neo4j 3.4.18 - RMI based Remote Code Executio | n/a | n/a | Visit Repo |
CVE-2025-24071_POC | | Microsoft Windows File Explorer Spoofing Vulnerability | v3.1 MEDIUM, Score: 6.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | Visit Repo |
TRA-001-Critical-RCE-Vulnerability-in-Apache-Parquet-CVE-2025-30065-Simulation- | A CVSS 10.0-rated vulnerability in the parquet-avro Java modul | Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata | v4.0 CRITICAL, Score: 10, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H | Visit Repo |
CVE-2024-40445_CVE-2024-40446 | This repository serves as the public reference for CVE-2024-40 | n/a | n/a | Visit Repo |
Next.js-Middleware-Bypass-CVE-2025-29927- | | Authorization Bypass in Next.js Middleware | v3.1 CRITICAL, Score: 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo |
CVE-2024-4577-PHP-RCE | PHP RCE PoC for CVE-2024-4577 written in bash, go, python and | Argument Injection in PHP-CGI | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-0054 | | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java | v3.1 MEDIUM, Score: 5.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | Visit Repo |
CVE-2025-30208-template | CVE-2025-30208 vite file read nuclei template | Vite bypasses server.fs.deny when using `?raw??` | v3.1 MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | Visit Repo |
LibHeif---CVE-2025-XXXXX | Heap Overflow in LibHeif | n/a | n/a | Visit Repo |
apple-positional-audio-codec-invalid-header | looking into CVE-2025-31200 - can't figure it out yet | n/a | n/a | Visit Repo |
CVE-2025-3102 | | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation | v3.1 HIGH, Score: 8.1, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Sun Apr 20, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2021-44026-PoC | Bug Chain XSS (CVE-2020-35730 and CVE-2023-43770) to SQLi (CVE | n/a | n/a | Visit Repo |
CVE-2025-43929 | Medium-severity vulnerability in KiTTY allowing for local exec | n/a | v3.1 MEDIUM, Score: 4.1, CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N | Visit Repo |
swa2025042008cvewet2e3w3mbjhgbyimxf | swa2025042008cvewet2e3w3mbjhgbyimxf | n/a | n/a | Visit Repo |
Sat Apr 19, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-43921 | CVE-2025-43921: Unauthorized Mailing List Creation in GNU Mail | n/a | v3.1 MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | Visit Repo |
CVE-2025-43920 | CVE-2025-43920: Remote Command Injection via Email Subject in | n/a | v3.1 MEDIUM, Score: 5.4, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N | Visit Repo |
CVE-2025-43919 | CVE-2025-43919: Directory Traversal Vulnerability in GNU Mailm | n/a | v3.1 MEDIUM, Score: 5.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | Visit Repo |
CVE-2025-32433 | | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1 CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
Fri Apr 18, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-32433 | | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1 CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
Thu Apr 17, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
Exploit-CVE-2025-24799 | CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection | GLPI allows unauthenticated SQL injection through the inventory endpoint | v3.1 HIGH, Score: 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Visit Repo |
Wed Apr 16, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2018-20250-WinRAR-ACE | Proof of concept code in C# to exploit the WinRAR ACE file ext | n/a | n/a | Visit Repo |
CVE-2025-0282 | PoC for CVE-2025-0282: A remote unauthenticated stack based bu | n/a | v3.1 CRITICAL, Score: 9, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-0282-Ivanti-exploit | CVE-2025-0282 is a critical vulnerability found in Ivanti Conn | n/a | v3.1 CRITICAL, Score: 9, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-27636-Apache-Camel-PoC | | Apache Camel: Camel Message Header Injection via Improper Filtering | n/a | Visit Repo |
CVE-2018-20250 | 010 Editor template for ACE archive format & CVE-2018-2025[0-3 | n/a | n/a | Visit Repo |
CVE_2024_30078_POC_WIFI | basic concept for the latest windows wifi driver CVE | Windows Wi-Fi Driver Remote Code Execution Vulnerability | v3.1 HIGH, Score: 8.8, CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
IngressNightmare-PoC | This is a PoC code to exploit the IngressNightmare vulnerabili | n/a | n/a | Visit Repo |
CVE-2024-30078- | CVE-2024-30078 Detection and Command Execution Script | Windows Wi-Fi Driver Remote Code Execution Vulnerability | v3.1 HIGH, Score: 8.8, CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
IngressNightmare-POCs | Worlds First Public POC for CVE-2025-1974 lol | n/a | n/a | Visit Repo |
CVE-2024-38200 | CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disc | Microsoft Office Spoofing Vulnerability | v3.1 MEDIUM, Score: 6.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | Visit Repo |
CVE-2024-4577 | PHP CGI Argument Injection (CVE-2024-4577) Remote Code Executi | Argument Injection in PHP-CGI | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE_2019_2025_EXP | | n/a | n/a | Visit Repo |
CVE-2024-49138-POC | POC exploit for CVE-2024-49138 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | v3.1 HIGH, Score: 7.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
CVE-2025-0401 | Privilege Escalation using Passwd - April Fools prank | 1902756969 reggie CommonController.java download path traversal | v4.0 MEDIUM, Score: 6.9, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N | Visit Repo |
CVE-2025-0282 | Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE | n/a | v3.1 CRITICAL, Score: 9, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-30208-EXP | CVE-2025-30208-EXP | Vite bypasses server.fs.deny when using `?raw??` | v3.1 MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | Visit Repo |
CVE-2025-24799 | | GLPI allows unauthenticated SQL injection through the inventory endpoint | v3.1 HIGH, Score: 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Visit Repo |
CVE-2025-24118 | An XNU kernel race condition bug | n/a | n/a | Visit Repo |
CVE-2025-1974 | | ingress-nginx admission controller RCE escalation | v3.1 CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-21111 | Oracle VirtualBox Elevation of Privilege (Local Privilege Esca | n/a | v3.1 HIGH, Score: 7.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-23897 | CVE-2024-23897 | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.