GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Wed May 14, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-32407 | CVE-2025-32407 PoC | n/a | n/a | Visit Repo |
| CVE-2025-27636-Practical-Lab | Apache Camel: Camel Message Header Injection via Improper Filtering | n/a | Visit Repo | |
| CVE-2024-37010 | Exploit for the CVE-2024-37010: access other user's external s | n/a | n/a | Visit Repo |
| CVE-2025-27636-Pratctical-Lab | Apache Camel: Camel Message Header Injection via Improper Filtering | n/a | Visit Repo | |
| CVE-2025-24132-Scanner | n/a | n/a | Visit Repo | |
| CVE-2015-3306 | This contains single-file exploit for ProFTPd 1.3.5 mod_copy ( | n/a | n/a | Visit Repo |
| railsecure | AI-powered cybersecurity awareness platform, a proof-of-concep | n/a | n/a | Visit Repo |
| CVE-2021-4034 | This contains single-file exploit for cve-2021-4034 which is a | n/a | n/a | Visit Repo |
| CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
v3.1
HIGH
Score: 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
|
Visit Repo |
Tue May 13, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-2294 | Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File In | Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| HTA-Exploit | Microsoft Windows HTA (HTML Application) - Pinnacle of Remote | n/a | n/a | Visit Repo |
| Slient-URL-Exploit | URL Contamination Exploit Muted Java Drive-By downloads can tr | n/a | n/a | Visit Repo |
| PDF-FUD-Exploit | A meticulous scrutiny of the Exploit PDFs innards exposes a ne | n/a | n/a | Visit Repo |
| CVE-2025-3248 | CVE-2025-3248: A critical flaw has been discovered in Langflow | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| Discord-Image-Logger-Stealer | Ephemeral discourse is embodied by the likes of Messenger Sess | n/a | n/a | Visit Repo |
| CVE-2025-24203-iOS-Exploit-With-Error-Logging | Slightly improved exploit of the CVE-2025-24203 iOS vulnerabil | n/a | n/a | Visit Repo |
| 12345 | CVE-2025-24085漏洞 和 Schemeshare漏洞 | n/a | n/a | Visit Repo |
| eBPF_cve_2024_23651 | BuildKit possible race condition with accessing subpaths from cache mounts |
v3.1
HIGH
Score: 8.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
|
Visit Repo | |
| CVE-2022-21661 | A Python PoC for CVE-2022-21661, adapted from z92g's Go PoC, d | SQL injection in WordPress |
v3.1
HIGH
Score: 8
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-31258-PoC | 1day practice - Escape macOS sandbox (partial) using RemoteVie | n/a | n/a | Visit Repo |
Mon May 12, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-24203-iOS-Exploit-in-Swift | A Swift exploit port of the CVE-2025-24203 iOS vulnerability b | n/a | n/a | Visit Repo |
| ThingsBoard-IoT-Platform-CVE-2024-55466 | n/a | n/a | Visit Repo | |
| exploit-cve | n/a | n/a | Visit Repo | |
| CVE-2024-10220-demo | Arbitrary command execution through gitRepo volume |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo | |
| webpack-cve-2024-43788 | DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) |
v3.1
MEDIUM
Score: 6.4
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
|
Visit Repo | |
| CVE-2020-24913-exploit | automated SQL injection for QCubed profile.php file | n/a | n/a | Visit Repo |
| Apache-RocketMQ-RCE-CVE-2023-37582-poc | Apache RocketMQ: Possible remote code execution when using the update configuration function | n/a | Visit Repo | |
| CVE-2024-4577_PowerShell | 使用PowsrShell掃描CVE-2024-4577 | Argument Injection in PHP-CGI |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
Sun May 11, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-0411-7-Zip-Mark-of-the-Web-Bypass | CVE-2025-0411 7-Zip Mark-of-the-Web Bypass | 7-Zip Mark-of-the-Web Bypass Vulnerability |
v3.0
HIGH
Score: 7
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-24813 | Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT | n/a | Visit Repo | |
| airborn-IOS-CVE-2025-24252 | iOS Airborne vulnerabilities log artifact extractor from LogAr | n/a | n/a | Visit Repo |
| CVE-2025-32583 | WordPress PDF 2 Post Plugin <= 2.4.0 is vulnerable to Remote | WordPress PDF 2 Post Plugin <= 2.4.0 - Remote Code Execution (RCE) vulnerability |
v3.1
CRITICAL
Score: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| libmodbus-cve-poc | PoC for buffer overflow in modbus_send_raw_request_tid() - li | n/a | n/a | Visit Repo |
| dirtyZero | Basic customization app using CVE-2025-24203. Patched in iOS 1 | n/a | n/a | Visit Repo |
| CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo | |
| CVE-2025-31644 | CVE-2025-31644: Command Injection in Appliance mode in F5 BIG- | Appliance mode BIG-IP iControl REST and tmsh vulnerability |
v4.0
HIGH
Score: 8.5
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:L
|
Visit Repo |
Sat May 10, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| iOS-CVE-2025-24203-Paths | Random paths for use with CVE-2025-24203 | n/a | n/a | Visit Repo |
| CVE-2025-31324 | SAP NetWeaver Visual Composer Metadata Uploader 7.50 CVE-2025- | Missing Authorization check in SAP NetWeaver (Visual Composer development server) |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-4403 | Drag and Drop Multiple File Upload for WooCommerce <= 1.1.6 - | n/a | n/a | Visit Repo |
| CVE-2025-24813 | Remote Code Execution (RCE) vulnerability in Apache Tomcat. | Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT | n/a | Visit Repo |
| CVE-2017-5487 | PoC for CVE-2017-5487 - WordPress User Enumeration via REST | n/a | n/a | Visit Repo |
| CVE-2024-21533-PoC-ggit | CVE-2024-21533 PoC ggit | n/a |
v3.1
MEDIUM
Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P
|
Visit Repo |
| CVE-2025-29306_poc | n/a | n/a | Visit Repo | |
| CVE-2024-21532-PoC-ggit | CVE-2024-21532 PoC ggit | n/a |
v3.1
HIGH
Score: 7.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
|
Visit Repo |
| Mosquitto-CVE-Proof-of-Concept-TOCTOU-and-Symlink-Vulnerability- | n/a | n/a | Visit Repo | |
| CVE-2025-20188 | n/a | n/a | Visit Repo | |
| Hacker-Search | Hacker Search is a feature-rich Chrome extension that transfor | n/a | n/a | Visit Repo |
| CVE-2025-21307 | CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
|
Visit Repo |
| CVE-2024-28752 | Apache CXF SSRF CVE-2024-28752 | Apache CXF SSRF Vulnerability using the Aegis databinding | n/a | Visit Repo |
Fri May 09, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| Kentico-Xperience-before-13.0.178---XSS-POC | PoC for CVE-2025-2748 - Unauthenticated ZIP file upload with e | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.