GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Sat May 03, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-24054 | | NTLM Hash Disclosure Spoofing Vulnerability | v3.1 MEDIUM Score: 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | Visit Repo |
CVE-2025-3928 | | Commvault Web Server unspecified vulnerability | v4.0 HIGH Score: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | Visit Repo |
Zero-Day-Vulnerability-Exploitation-Detection-Tool | An AI-powered tool to predict and prevent zero-day attacks on | n/a | n/a | Visit Repo |
Anydesk-Exploit-CVE-2025-12654-RCE-Builder | Exploit development targets vulnerabilities using tools like e | n/a | n/a | Visit Repo |
redteam-walkthroughs | A practical cybersecurity portfolio showcasing real-world CVE | n/a | n/a | Visit Repo |
Office-Exploit-Cve2025-Xml-Doc-Docx-Rce-Builder-Fud | Exploit development targets vulnerabilities like CVE-2025-4422 | n/a | n/a | Visit Repo |
Analysis-of-TomcatKiller---CVE-2025-31650-Exploit-Tool | | Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame | n/a | Visit Repo |
CVE-2024-31317-PoC-Deployer | | n/a | n/a | Visit Repo |
Phantom-Registy-Exploit-Cve2025-20682-Runtime-Fud-Lnk | Exploit development involves tools like exploitation framework | n/a | n/a | Visit Repo |
CVE-2025-1304 | WordPress NewsBlogger Theme <= 0.2.5.1 is vulnerable to Arbit | NewsBlogger <= 0.2.5.1 - Authenticated (Subscriber+) Arbitrary File Upload | v3.1 HIGH Score: 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CMD-Exploit-CVE-2024-RCE-AboRady-FUD-25765-Injection | Exploit development uses tools like exploitation frameworks an | n/a | n/a | Visit Repo |
CVE-2024-23113 | This Python script searches a client list to see if their For | n/a | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C | Visit Repo |
CVE-2020-13151-POC-Aerospike-Server-Host-Command-Execution-RCE- | | n/a | n/a | Visit Repo |
CP-XR-DE21-S--4G-Router-Vulnerabilities | This report is for CVE-2025-44039 reserved for Router UART vul | n/a | n/a | Visit Repo |
Onapsis-Mandiant-CVE-2025-31324-Vuln-Compromise-Assessment | CVE-2025-31324 vulnerability and compromise assessment tool | Missing Authorization check in SAP NetWeaver (Visual Composer development server) | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-POCs | POCs I have created for CVEs | n/a | n/a | Visit Repo |
Lnk-Exploit-FileBinder-Certificate-Spoofer-Reg-Doc-Cve-Rce | Exploit development involves tools like exploitation framework | n/a | n/a | Visit Repo |
CVE-2023-46818 | CVE-2023-46818 - ISPConfig PHP Code Injection PoC Exploit (Bas | n/a | n/a | Visit Repo |
CVE-2025-31161 | CVE-2025-31161, a critical authentication bypass vulnerability | n/a | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Erlang-OTP-SSH-CVE-2025-32433 | CVE-2025-32433 – Erlang/OTP SSH vulnerability allowing pre-a | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2016-5195 | CVE-2016-5195 linux kernel exploit | n/a | n/a | Visit Repo |
CVE-2024-27956 | CVE-2024-27956 - WP Automatic SQL Injection Exploit Tool | WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary SQL Execution vulnerability | v3.1 CRITICAL Score: 9.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L | Visit Repo |
Thu May 01, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
temp-cve-poc | Nothing much some files here | n/a | n/a | Visit Repo |
CVE-2025-20029-simulation | Simulated environment for CVE-2025-20029 using Docker. Include | BIG-IP iControl REST and tmsh vulnerability | v4.0 HIGH Score: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | Visit Repo |
CVE-2025-31324 | A Python-based security scanner for identifying the CVE-2025-3 | Missing Authorization check in SAP NetWeaver (Visual Composer development server) | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-42599 | | n/a | v3.0 CRITICAL Score: 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Wed Apr 30, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2024-40635_POC | Proof of Concept code for proving CVE-2024-40635 vulnerability | containerd has an integer overflow in User ID handling | v3.1 MEDIUM Score: 4.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N | Visit Repo |
CVE-2025-39538 | WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Uploa | WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability | v3.1 MEDIUM Score: 6.6 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L | Visit Repo |
CVE-2025-24271 | AirPlay vulnerability exposes sensitive information on disp | n/a | n/a | Visit Repo |
CVE-2025-30392 | | Azure AI bot Elevation of Privilege Vulnerability | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
jsp-webshell-scanner | A simple Bash script to detect malicious JSP webshells, inclu | n/a | n/a | Visit Repo |
CVE-2025-31324-File-Upload | A totally unauthenticated file-upload endpoint in Visual Compo | Missing Authorization check in SAP NetWeaver (Visual Composer development server) | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-31650 | CVE-2025-31650 PoC | Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame | n/a | Visit Repo |
CVE-2019-0708-POC | | n/a | n/a | Visit Repo |
CVE-2025-21756 | | vsock: Keep the binding until socket destruction | n/a | Visit Repo |
CVE-2024-36401_Geoserver_RCE_POC | This script targets the GeoServer remote code execution vulnerability (CVE | Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver | v3.1 CRITICAL Score: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Burp_CVE-2025-31324 | Python-based Burp Suite extension is designed to detect the pr | Missing Authorization check in SAP NetWeaver (Visual Composer development server) | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
cve-2025-29775 | POCs for CVE-2025-29775 | xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment | v4.0 CRITICAL Score: 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | Visit Repo |
TomcatKiller-CVE-2025-31650 | A tool designed to detect the vulnerability **CVE-2025-31650** | Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame | n/a | Visit Repo |
Tue Apr 29, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-32433_PoC | This script is a custom security tool designed to test for a c | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
TPLink-VN020-DoS | TPLink VN020-F3v Denial of Service (CVE-2024-12342) | n/a | n/a | Visit Repo |
AirBorne-PoC | poc for CVE-2025-24252 & CVE-2025-24132 | n/a | n/a | Visit Repo |
Erlang-OTP-SSH-CVE-2025-32433 | Exploit Erlang/OTP SSH CVE-2025-32433 in a lab setup. | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-32433_Erlang-OTP | This script is a custom security tool designed to test for a c | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1 CRITICAL Score: 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-Scanner | CVE-2021-42287/CVE-2021-42278/OTHER Scanner & Exploiter. | n/a | n/a | Visit Repo |
CVE-2025-29927 | | Authorization Bypass in Next.js Middleware | v3.1 CRITICAL Score: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo |
Jpg-Png-Exploit-Slient-Builder-Exploit-Database-Cve-2023-Malware | In the hushed galleries of the Silent JPG Exploit, a symphony | n/a | n/a | Visit Repo |
Slient-URL-Exploit | URL Contamination Exploit Muted Java Drive-By downloads can tr | n/a | n/a | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.