GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Tue May 13, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| PDF-FUD-Exploit | A meticulous scrutiny of the Exploit PDFs innards exposes a ne | n/a | n/a | Visit Repo |
| CVE-2025-3248 | CVE-2025-3248: A critical flaw has been discovered in Langflow | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| Discord-Image-Logger-Stealer | Ephemeral discourse is embodied by the likes of Messenger Sess | n/a | n/a | Visit Repo |
| CVE-2025-24203-iOS-Exploit-With-Error-Logging | Slightly improved exploit of the CVE-2025-24203 iOS vulnerabil | n/a | n/a | Visit Repo |
| 12345 | CVE-2025-24085漏洞 和 Schemeshare漏洞 | n/a | n/a | Visit Repo |
| eBPF_cve_2024_23651 | BuildKit possible race condition with accessing subpaths from cache mounts |
v3.1
HIGH
Score: 8.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
|
Visit Repo | |
| CVE-2022-21661 | A Python PoC for CVE-2022-21661, adapted from z92g's Go PoC, d | SQL injection in WordPress |
v3.1
HIGH
Score: 8
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-31258-PoC | 1day practice - Escape macOS sandbox (partial) using RemoteVie | n/a | n/a | Visit Repo |
Mon May 12, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-24203-iOS-Exploit-in-Swift | A Swift exploit port of the CVE-2025-24203 iOS vulnerability b | n/a | n/a | Visit Repo |
| ThingsBoard-IoT-Platform-CVE-2024-55466 | n/a | n/a | Visit Repo | |
| exploit-cve | n/a | n/a | Visit Repo | |
| CVE-2024-10220-demo | Arbitrary command execution through gitRepo volume |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo | |
| webpack-cve-2024-43788 | DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) |
v3.1
MEDIUM
Score: 6.4
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
|
Visit Repo | |
| CVE-2020-24913-exploit | automated SQL injection for QCubed profile.php file | n/a | n/a | Visit Repo |
| Apache-RocketMQ-RCE-CVE-2023-37582-poc | Apache RocketMQ: Possible remote code execution when using the update configuration function | n/a | Visit Repo | |
| CVE-2024-4577_PowerShell | 使用PowsrShell掃描CVE-2024-4577 | Argument Injection in PHP-CGI |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
Sun May 11, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-0411-7-Zip-Mark-of-the-Web-Bypass | CVE-2025-0411 7-Zip Mark-of-the-Web Bypass | 7-Zip Mark-of-the-Web Bypass Vulnerability |
v3.0
HIGH
Score: 7
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-24813 | Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT | n/a | Visit Repo | |
| airborn-IOS-CVE-2025-24252 | iOS Airborne vulnerabilities log artifact extractor from LogAr | n/a | n/a | Visit Repo |
| CVE-2025-32583 | WordPress PDF 2 Post Plugin <= 2.4.0 is vulnerable to Remote | WordPress PDF 2 Post Plugin <= 2.4.0 - Remote Code Execution (RCE) vulnerability |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| libmodbus-cve-poc | PoC for buffer overflow in modbus_send_raw_request_tid() - li | n/a | n/a | Visit Repo |
| dirtyZero | Basic customization app using CVE-2025-24203. Patched in iOS 1 | n/a | n/a | Visit Repo |
| CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo | |
| CVE-2025-31644 | CVE-2025-31644: Command Injection in Appliance mode in F5 BIG- | Appliance mode BIG-IP iControl REST and tmsh vulnerability |
v4.0
HIGH
Score: 8.5
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:L
|
Visit Repo |
Sat May 10, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| iOS-CVE-2025-24203-Paths | Random paths for use with CVE-2025-24203 | n/a | n/a | Visit Repo |
| CVE-2025-31324 | SAP NetWeaver Visual Composer Metadata Uploader 7.50 CVE-2025- | Missing Authorization check in SAP NetWeaver (Visual Composer development server) |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-4403 | Drag and Drop Multiple File Upload for WooCommerce <= 1.1.6 - | n/a | n/a | Visit Repo |
| CVE-2025-24813 | Remote Code Execution (RCE) vulnerability in Apache Tomcat. | Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT | n/a | Visit Repo |
| CVE-2017-5487 | PoC for CVE-2017-5487 - WordPress User Enumeration via REST | n/a | n/a | Visit Repo |
| CVE-2024-21533-PoC-ggit | CVE-2024-21533 PoC ggit | n/a |
v3.1
MEDIUM
Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P
|
Visit Repo |
| CVE-2025-29306_poc | n/a | n/a | Visit Repo | |
| CVE-2024-21532-PoC-ggit | CVE-2024-21532 PoC ggit | n/a |
v3.1
HIGH
Score: 7.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
|
Visit Repo |
| Mosquitto-CVE-Proof-of-Concept-TOCTOU-and-Symlink-Vulnerability- | n/a | n/a | Visit Repo | |
| CVE-2025-20188 | n/a | n/a | Visit Repo | |
| Hacker-Search | Hacker Search is a feature-rich Chrome extension that transfor | n/a | n/a | Visit Repo |
| CVE-2025-21307 | CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo |
| CVE-2024-28752 | Apache CXF SSRF CVE-2024-28752 | Apache CXF SSRF Vulnerability using the Aegis databinding | n/a | Visit Repo |
Fri May 09, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| Kentico-Xperience-before-13.0.178---XSS-POC | PoC for CVE-2025-2748 - Unauthenticated ZIP file upload with e | n/a | n/a | Visit Repo |
| Poleposph | Tools for scan CVE-2024-25600 - WordPress Bricks Builder Remot | n/a | n/a | Visit Repo |
| CVE-2025-3605 | WordPress Frontend Login and Registration Blocks Plugin <= 1. | n/a | n/a | Visit Repo |
| Predicting-the-Exploit-Availability-for-CVEs-WITH-REGRESSION-AND-CLASSIFICATION-MODELS | This is jupyter file. | n/a | n/a | Visit Repo |
| CVE-2024-13513 | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - Sensitive Information Exposure to Privilege Escalation |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-27533-Exploit-for-Apache-ActiveMQ | exploit for CVE-2025-27533, a Denial of Service (DoS) vulnerab | n/a | n/a | Visit Repo |
| dirtyZero | Basic customization app using CVE-2025-24203. Patched in iOS 1 | n/a | n/a | Visit Repo |
| CVE-2024-38475 | CVE-2024-38475 Scanner using FFUF + Seclists | Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. | n/a | Visit Repo |
Thu May 08, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-47550 | Instantio - Wordpress Plugin <= 3.3.16 - Authenticated (Admin+ | n/a | n/a | Visit Repo |
| RCE-PoC-CVE-2021-25646 | A proof-of-concept for the CVE-2021-25646, which allows for Co | Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. | n/a | Visit Repo |
| CVE-2025-47549 | Ultimate Before After Image Slider & Gallery – BEAF <= 4.6.1 | n/a | n/a | Visit Repo |
| HTA-Exploit | Microsoft Windows HTA (HTML Application) - Pinnacle of Remote | n/a | n/a | Visit Repo |
| CVE-2021-42392-exploit-lab | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.