GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Sun Apr 27, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2025-46657 | n/a |
v3.1
HIGH
Score: 7.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
|
Visit Repo | |
| CVE-2025-32432 | CraftCMS RCE Checker (CVE-2025-32432) | Craft CMS Allows Remote Code Execution |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
|
Visit Repo |
| CVE-2025-1974 | WHS3기 가상화 취약한(CVE) Docker 환경 구성 과제 | ingress-nginx admission controller RCE escalation |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| DrSudo | DrSudo is an automation pentesting tool to perform scanning, e | n/a | n/a | Visit Repo |
| ExploitCVE2025 | ExploitCVE2025 - SAP Path Traversal Auto-Exploit Tool | n/a | n/a | Visit Repo |
| CVE-2025-32433 | CVE-2025-32433 Summary and Attack Overview | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-Walkthrough | Practicing Infamous CVE Walkthroughs via Docker Containers. By | n/a | n/a | Visit Repo |
| CVE-Scanner | CVE-2021-42287/CVE-2021-42278/OTHER Scanner & Exploiter. | n/a | n/a | Visit Repo |
| CVE-2025-32432 | This repository contains a proof-of-concept exploit script for | Craft CMS Allows Remote Code Execution |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
|
Visit Repo |
| CVE-2025-3248-langflow-RCE | CVE-2025-3248 Langflow 사전 인증 원격 코드 실행 취� | Langflow Unauth RCE |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| cve-2024-31317 | Detailed discussion of Zygote vulnerability CVE-2024-31317 | n/a | n/a | Visit Repo |
| CVE-2025-2294 | Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-24054-PoC | Proof of Concept for the NTLM Hash Leak via .library-ms CVE-20 | NTLM Hash Disclosure Spoofing Vulnerability |
v3.1
MEDIUM
Score: 6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
|
Visit Repo |
Sat Apr 26, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE2023-1389 | TP-Link Archer AX21 Command Injection Exploit (CVE-2023-1389) | n/a | n/a | Visit Repo |
| CVE-2025-1974 | ingress-nginx admission controller RCE escalation |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo | |
| CVE-2025-0927 | n/a | n/a | Visit Repo | |
| CVE-2016-10033-PoC | A PoC of CVE-2016-10033 I made for PentesterLab | n/a | n/a | Visit Repo |
| CVE-2019-5420-PoC | A PoC of CVE-2019-5420 I made for PentesterLab | n/a | n/a | Visit Repo |
| CVE-2024-32830-poc | PoC code to download files with CVE-2024-32830 | WordPress buddyforms plugin <= 2.8.8- Arbitrary File Read and SSRF vulnerability |
v3.1
HIGH
Score: 8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
|
Visit Repo |
| CVE-2025-32433 | CVE-2025-32433 Erlang/OTP SSH RCE Exploit SSH远程代码执� | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-3102-exploit | Exploitation of an authorization bypass vulnerability in the S | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2023-1545 | Python Proof of Concept for CVE-2023-1545 (SQL Injection for T | SQL Injection in nilsteampassnet/teampass |
v3.0
HIGH
Score: 7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
Visit Repo |
| CVE-2025-31324 | SAP NetWeaver Visual Composer Metadata Uploader is not protect | Missing Authorization check in SAP NetWeaver (Visual Composer development server) |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2016-2098-PoC | A PoC of CVE-2016-2098 I made for PentesterLab | n/a | n/a | Visit Repo |
| CVE-2025-32433 | Erlang OTP SSH NSE Discovery Script | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2018-0114-PoC | A PoC of CVE-2018-0114 I made for PentesterLab | n/a | n/a | Visit Repo |
Fri Apr 25, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| CVE-2024-24919-Incident-Report.md | Information disclosure |
v3.1
HIGH
Score: 8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
|
Visit Repo | |
| CVE-2025-3102_v2 | Checks the SureTriggers WordPress plugin's readme.txt file for | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-3102 | Detects the version of the SureTriggers WordPress plugin from | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation |
v3.1
HIGH
Score: 8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| IronLocker-Ransomware | STRONGEST RAAS EVER | n/a | n/a | Visit Repo |
| CVE-2025-29927 | Next.js middleware bypass PoC | Authorization Bypass in Next.js Middleware |
v3.1
CRITICAL
Score: 9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
Visit Repo |
| commvault-cve2025-34028-check | Commvault CVE-2025-34028 endpoint scanner using Nmap NSE. For | n/a | n/a | Visit Repo |
| CVE-2025-32433 | CVE-2025-32433 https://github.com/erlang/otp/security/advisori | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-2812 | USOM Tarafından resmi yayın beklenmektedir. | SQLi in Mydata Informatics' Ticket Sales Automation |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2024-42471-PoC | unzip-stream file write/overwrite vulnerability | Arbitrary File Write via artifact extraction in actions/artifact |
v3.1
HIGH
Score: 7.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
|
Visit Repo |
| CVE-2024-12905-PoC | tar-fs file write/overwrite vulnerability | n/a |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
Visit Repo |
| cve-2025-21497-lab | CSC180 final project presentation of a vulnerable CVE | n/a |
v3.1
MEDIUM
Score: 5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
|
Visit Repo |
| cve-2023-30861-poc | Flask CVE-2023-30861 Poc 환경구축 | Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header |
v3.1
HIGH
Score: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
Visit Repo |
| CVE-2025-2404 | USOM Tarafından resmi yayın beklenmektedir. | n/a | n/a | Visit Repo |
| CVE-2025-29306-PoC-FoxCMS-RCE | Proof-of-Concept (PoC) for CVE-2025-29306, a Remote Code Execu | n/a | n/a | Visit Repo |
| Reset-inetpub | Restore the integrity of the parent 'inetpub' folder following | n/a | n/a | Visit Repo |
| CVE-2025-3243 | A proof-of-concept exploit for CVE-2025-32433, a critical vuln | code-projects Patient Record Management System dental_form.php sql injection |
v4.0
MEDIUM
Score: 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
|
Visit Repo |
| CVE-2025-2301 | USOM Tarafından resmi yayın beklenmektedir. | n/a | n/a | Visit Repo |
| CVE-2021-43857-POC | Optimized exploit for CVE-2021-43857 affecting Gerapy < 0.9.8 | Gerapy may contain remote code execution vulnerability |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-31161_exploit | CVE-2025-31161 python exploit | n/a |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
Thu Apr 24, 2025
| Repository | Description | CVE | Metrics | Action |
|---|---|---|---|---|
| lab_CVE-2025-32433 | CVE lab to accompany CVE course for CVE-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
v3.1
CRITICAL
Score: 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
Visit Repo |
| CVE-2024-7120-Exploit-by-Dark-07x | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injection |
v4.0
MEDIUM
Score: 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
|
Visit Repo | |
| CVE-2025-30208-Series | Analysis of the Reproduction of CVE-2025-30208 Series Vulnerab | Vite bypasses server.fs.deny when using `?raw??` |
v3.1
MEDIUM
Score: 5.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
|
Visit Repo |
| Nuclei_CVE-2025-31161_CVE-2025-2825 | Official Nuclei template for CVE-2025-31161 (formerly CVE-2025 | n/a |
v3.1
CRITICAL
Score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Visit Repo |
| CVE-2025-3776 | WordPress Verification SMS with TargetSMS Plugin <= 1.5 is vu | Verification SMS with TargetSMS <= 1.5 - Unauthenticated Limited Remote Code Execution |
v3.1
HIGH
Score: 8.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.