GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Fri Aug 22, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2024-4367 | n/a | n/a | Visit Repo | |
| CVE-2025-27519 | PoC exploit for Below privilege escalation (CVE-2025-27591) al | Cognita Arbitrary File Write |
v4.0
CRITICAL
Score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
|
Visit Repo |
| nmap-cve-exploit-finder | Run nmap, parse detected services, fetch related CVEs from NVD | n/a | n/a | Visit Repo |
| CVE.py | CVE-2025-8418.py | n/a | n/a | Visit Repo |
| CVE-2025-1337-PoC | Eastnets PaymentSafe BIC Search cross site scripting |
v4.0
MEDIUM
Score: 5.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
|
Visit Repo |
Thu Aug 21, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-55287-POC | Authenticated stored XSS priv esc PoC. Affects Genealogy versi | n/a | n/a | Visit Repo |
| CVE-2015-8351_Otter_Remix | Exploit code for CVE-2015-8351 | n/a | n/a | Visit Repo |
| PoC-CVE-2025-8671-MadeYouReset-HTTP-2 | PoC para validar vulnerabilidade MadeYouReset | n/a | n/a | Visit Repo |
| CVE-Analyzer | 2025-2 ASC Project : AI 기반 CVE 자동 분석 및 실행 | n/a | n/a | Visit Repo |
| CVE-2025-43300 | n/a | n/a | Visit Repo | |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 8
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo | |
| CVE-2025-9132 | n/a | n/a | Visit Repo | |
| cve-2025-22235-demo | Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed |
v3.1
HIGH
Score: 7.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
|
Visit Repo | |
| WinRAR-CVE-2025-8088-PoC-RAR | Demonstrate the WinRAR CVE-2025-8088 exploit with a PoC RAR a | n/a | n/a | Visit Repo |
| CVE-2025-8088 | This PoC is for authorized study and testing. CVE-2025-8088 is | n/a | n/a | Visit Repo |
| CVE-2025-25256-PoC | CVE-2025-25256: Fortinet FortiSIEM OS Command Injection CVE Po | n/a | n/a | Visit Repo |
| CVE-2023-35078 | CVE-2023-35078 - Ivanti MobileIron Core Remote Unauthenticated | n/a |
v3.0
CRITICAL
Score: 10
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2023-41892_poc | Customized this for my own use | Craft CMS Remote Code Execution vulnerability |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
|
Visit Repo |
| glibcs | Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the g | n/a | n/a | Visit Repo |
| Project-Project-Chimera-Exploiting-a-Modern-WordPress-XXE-to-Pillage-Secrets- | The objective is to conduct a full-scale security assessment o | n/a | n/a | Visit Repo |
| CVE-2024-3721---POC | POC on how mirai can target " CVE-2024-3721 " { TBK DVR-4104 a | TBK DVR-4104/DVR-4216 os command injection |
v3.1
MEDIUM
Score: 6.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
Visit Repo |
Wed Aug 20, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-48384 | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo | |
| echteeteepee | Go tool and Nuclei template for testing James Kettle's (CVE-20 | n/a | n/a | Visit Repo |
| CVE-2018-7600-Remote-Code-Execution | This repository showcases a fully self-developed Proof-of-Conc | n/a | n/a | Visit Repo |
| CVE-2025-55188-7z-exploit | ️ Demonstrate CVE-2025-55188, a 7-Zip vulnerability allowing | n/a | n/a | Visit Repo |
| CVE-2025-48384-POC | Git allows arbitrary code execution through broken config quoting |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-54782 | @nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS Developers |
v4.0
CRITICAL
Score: 9.4
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo | |
| CVE-2025-8889 | n/a | n/a | Visit Repo | |
| Soosyze-CMS-2.0---CVE-2025-52392 | Este script em Bash demonstra como seria um ataque automatizad | n/a | n/a | Visit Repo |
| vsftpd-exploit | A step-by-step walkthrough of exploiting the vsFTPd 2.3.4 back | n/a | n/a | Visit Repo |
| CVE-2014-4725 | exploiter | n/a | n/a | Visit Repo |
| CVE-2025-8088-Winrar-Tool-Gui | n/a | n/a | Visit Repo | |
| CVE-2025-5777 | Exploit for CVE-2025-5777: Citrix NetScaler Memory Disclosure | NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread |
v4.0
CRITICAL
Score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
|
Visit Repo |
| cve-2025-34036 | Shenzhen TVT CCTV-DVR Command Injection |
v4.0
CRITICAL
Score: 10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
|
Visit Repo | |
| CVE-2025-31324-Exploits | Missing Authorization check in SAP NetWeaver (Visual Composer development server) |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2024-4577 | Argument Injection in PHP-CGI |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
Tue Aug 19, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2024-36042 | CVE-2024-36042 Silverpeas authentication bypass vulnerability | n/a | n/a | Visit Repo |
| CVE-2024-53900 | n/a | n/a | Visit Repo | |
| Nextjs-middleware-vulnerable-appdemo-CVE-2025-29927 | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo | |
| CVE-2025-8723 | Cloudflare Image Resizing <= 1.5.6 | Unauthenticated Remote Co | Cloudflare Image Resizing <= 1.5.6 - Missing Authentication to Unauthenticated Remote Code Execution via rest_pre_dispatch Hook |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-50383 | n/a | n/a | Visit Repo | |
| CVE-2019-5688 | POC Code for the NVFLASH driver | n/a | n/a | Visit Repo |
| WinRAR-Exploit-Builder | The WinRAR Exploit Builder is a C# project designed to create | n/a | n/a | Visit Repo |
| CVE-2025-8671-MadeYouReset-HTTP-2-DDoS | CVE-2025-25063 MadeYouReset HTTP/2 DDoS | n/a | n/a | Visit Repo |
| CVE-2020-36708 | Proof of concept for CVE-2020-36708 | n/a |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-49113-Roundcube-RCE-PHP | This is a rewritten exploit to work with php | n/a |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
Mon Aug 18, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-25063-MadeYouReset-HTTP-2-DDoS | CVE-2025-25063 MadeYouReset HTTP/2 DDoS | n/a |
v3.1
MEDIUM
Score: 4.4
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
|
Visit Repo |
| cve-2024-32019-PoC | ndsudo: local privilege escalation via untrusted search path |
v3.1
HIGH
Score: 8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo | |
| Cisco-ISE-3.0---Remote-Code-Execution-RCE- | Esse script explora a vulnerabilidade CVE-2025-20124 — uma f | n/a | n/a | Visit Repo |
| CVE-2025-54424 | CVE-2025-54424: 1Panel TLS client cert bypass enables RCE via | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.