GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Mon Aug 04, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-50592 | | n/a | n/a | Visit Repo |
CVE-2025-54424 | CVE-2025-54424: 1Panel client certificate bypass RCE vulnerability, integrated | n/a | n/a | Visit Repo |
WordPress-HT-Contact-CVE-2025-7340-RCE | | HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-54962 | Authenticated users can upload arbitrary files (e.g. .html, .s | n/a | v3.1 MEDIUM Score: 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N | Visit Repo |
CVE-2025-48384-test | | Git allows arbitrary code execution through broken config quoting | v3.1 HIGH Score: 8.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-51820 | A critical Remote Code Execution (RCE) vulnerability (CVE-2025 | n/a | n/a | Visit Repo |
CVE-2021-44228 | A simple Log4j PoC written in Go | Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints | n/a | Visit Repo |
Demonstration-of-CVE-2023-38831-via-Reverse-Shell-Execution | This project demonstrates a simulated exploitation of the WinR | n/a | n/a | Visit Repo |
CVE-2025-24893 | PoC for CVE-2025-24893: XWiki' Remote Code Execution exploit f | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Sun Aug 03, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2024-4367 | | n/a | n/a | Visit Repo |
CVE-2025-24893 | This Python script exploits CVE-2025-24893, a remote code exec | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
POC_CVE-2024-4367 | POC | n/a | n/a | Visit Repo |
CVE-2012-2982-Exploit-Script | A short and sweet simple exploit script for the CVE-2012-2982 | n/a | n/a | Visit Repo |
CVE-2025-8471 | Exploit SQL injection in projectworlds Online Admissions Syst | projectworlds Online Admission System adminlogin.php sql injection | v4.0 MEDIUM Score: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P | Visit Repo |
cve-2025-24893 | Modified exploit for CVE-2025-24893 | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-32019-POC | this is a poc for the CVE-2025-24893 | ndsudo: local privilege escalation via untrusted search path | v3.1 HIGH Score: 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-48384 | | Git allows arbitrary code execution through broken config quoting | v3.1 HIGH Score: 8.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
cve-exploits | Educational repository with documentation and simulated PoCs of C | n/a | n/a | Visit Repo |
CVE-2025-24893-PoC | | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-48384-sub | | Git allows arbitrary code execution through broken config quoting | v3.1 HIGH Score: 8.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2024-32019-POC | POC for netdata ndsudo vulnerability - CVE-2024-32019 | ndsudo: local privilege escalation via untrusted search path | v3.1 HIGH Score: 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2024-2782-PoC | CVE-2024-2782 Proof-of-Concept | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation | v3.1 HIGH Score: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | Visit Repo |
TriBell_Edge_SandBox_Escape | Tribell Edge Sandbox Escape - PoCs of Edge's legacy vulnerabil | n/a | n/a | Visit Repo |
CVE-2024-2771-PoC | CVE-2024-2771 Proof-of-Concept | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Settings Update and Limited Privilege Escalation | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-24893-RCE-PoC | This is a small script for the rce vulnerability for CVE-2025- | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-48384_sub | | Git allows arbitrary code execution through broken config quoting | v3.1 HIGH Score: 8.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-48384 | PoC for CVE-2025-48384 | Git allows arbitrary code execution through broken config quoting | v3.1 HIGH Score: 8.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
CVE-POCs | A list of better CVE POCs | n/a | n/a | Visit Repo |
Sat Aug 02, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-4606 | Sala - Startup & SaaS WordPress Theme <= 1.1.4 - Unauthenticat | n/a | n/a | Visit Repo |
CVE-2024-21626-PoC | Root cause & Proof of cause | runc container breakout through process.cwd trickery and leaked fds | v3.1 HIGH Score: 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-5394 | Alone – Charity Multipurpose Non-profit WordPress Theme <= 7 | Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.3 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE_Fetcher | A PowerShell script with a simple Windows GUI that lets you se | n/a | n/a | Visit Repo |
CVE-2025-5394 | Alone – Charity Multipurpose Non-profit WordPress Theme <= 7 | Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.3 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-24893 | | Remote code execution as guest via SolrSearchMacros request in xwiki | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-7847-POC | Wordpress Plugin AI Engine 2.9.3 - 2.9.4 Proof Of Concept | AI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File Upload | v3.1 HIGH Score: 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-54135 | | Cursor Agent is vulnerable to prompt injection via MCP Special Files | v3.1 HIGH Score: 8.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-53770-SharePoint-Deserialization-RCE-PoC | A critical vulnerability in Microsoft SharePoint Server allows | Microsoft SharePoint Server Remote Code Execution Vulnerability | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C | Visit Repo |
CVE-2025-34100-demo | Demo web server | n/a | n/a | Visit Repo |
advisories | Security vulnerability analysis writeups POCs inclusive of CVE | n/a | n/a | Visit Repo |
CVE-2025-32463-lab | Explore the CVE-2025-32463 lab environment for testing the sud | n/a | v3.1 CRITICAL Score: 9.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
Fri Aug 01, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2022-22965 | Spring4Shell (POC) | n/a | n/a | Visit Repo |
fire-wall-server | Python-based simulated firewall to detect and block Spring4She | n/a | n/a | Visit Repo |
CVE-2025-41373 | PoC for CVE-2025-41373 Authenticated SQL Injection in Gandia | SQL injection vulnerability in Gandia Integra Total | v4.0 HIGH Score: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | Visit Repo |
CVE-2025-20229 | | Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp” directory in Splunk Enterprise | v3.1 HIGH Score: 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2020-21365-PoC | PoC for directory traversal and exposure on wkhtmltopdf 12.0.5 | n/a | n/a | Visit Repo |
CVE-2025-46018-CSC-Pay-Mobile-App-Payment-Authentication-Bypass | Disclosure of CVE-2025-46018: A Bluetooth-based payment bypass | n/a | n/a | Visit Repo |
cve-2017-12629 | Remote code execution occurs in Apache Solr before 7.1 with Ap | n/a | n/a | Visit Repo |
SPIP-BigUp-Unauthenticated-RCE-Exploit-CVE-2024-8517 | This Python exploit targets a critical unauthenticated Remote | SPIP Bigup Multipart File Upload OS Command Injection | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
QuarkPoC | iOS Application w/Implementation of CVE-2024-27804 | n/a | n/a | Visit Repo |
CVE-2023-46818 | Python PoC for CVE-2023-46818 | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.