GitHub Feed
Explore the latest GitHub repositories gathered from our feed. Entries are grouped by day to help you track developments quickly.
Thu Apr 24, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
WinRAR-Exploit-Builder | The WinRAR Exploit Builder is a C# project designed to create | n/a | n/a | Visit Repo |
CVE-2025-31161 | Checks for the presence of the path /WebInterface/functio | n/a | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2024-27876 | libAppleArchive exploit maker, read the writeup here https://s | n/a | n/a | Visit Repo |
CVE-2025-30406 | Exploit for CVE-2025-30406 | n/a | v3.1, CRITICAL, Score: 9, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
Wed Apr 23, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
Erlang-OTP-CVE-2025-32433 | This Python script exploits the CVE-2025-32433 vulnerability i | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
letsdefend-cve-2024-49138-investigation | Hands-on SOC investigation of CVE-2024-49138 using LetsDefend, | Windows Common Log File System Driver Elevation of Privilege Vulnerability | v3.1, HIGH, Score: 7.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Visit Repo |
HTA-Exploit | Microsoft Windows HTA (HTML Application) - Pinnacle of Remote | n/a | n/a | Visit Repo |
CVE-2025-32965-xrpl-js-poc | CVE Code: CVE-2025-32965 Vulnerability Type: Supply Chain Attack | Compromised xrpl.js versions 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2 | v4.0, CRITICAL, Score: 9.3, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | Visit Repo |
vulnerability-in-Remix-React-Router-CVE-2025-31137- | Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers | v3.0, HIGH, Score: 7.5, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | Visit Repo | |
PDF-FUD-Exploit | A meticulous scrutiny of the Exploit PDFs innards exposes a ne | n/a | n/a | Visit Repo |
Slient-URL-Exploit | URL Contamination Exploit Muted Java Drive-By downloads can tr | n/a | n/a | Visit Repo |
Jpg-Png-Exploit-Slient-Builder-Exploit-Database-Cve-2023-Malware | In the hushed galleries of the Silent JPG Exploit, a symphony | n/a | n/a | Visit Repo |
Discord-Image-Logger-Stealer | Ephemeral discourse is embodied by the likes of Messenger Sess | n/a | n/a | Visit Repo |
CVE-2025-29927 | CVE-2025-29927: Next.js Middleware Bypass Vulnerability | Authorization Bypass in Next.js Middleware | v3.1, CRITICAL, Score: 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo |
CVE-2025-24963 | Browser mode serves arbitrary files in vitest | v3.1, MEDIUM, Score: 5.9, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | Visit Repo |
Tue Apr 22, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-32140 | WordPress WP Remote Thumbnail Plugin <= 1.3.2 is vulnerable t | WordPress WP Remote Thumbnail Plugin <= 1.3.1 - Arbitrary File Upload vulnerability | v3.1, CRITICAL, Score: 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
CVE-2025-29529 | SQLi ITC Multiplan v3.7.4.1002 (CVE-2025-29529) | n/a | n/a | Visit Repo |
CVE-PoC-Hunter | n/a | n/a | Visit Repo | |
CVE-2025-42599 | n/a | v3.0, CRITICAL, Score: 9.8, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo | |
CVE-2024-38828 | CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter | v3.1, MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | Visit Repo | |
Gigacenter_cwmp_poc | POC for exploitation of Gigacenter devices (cwmp) no-CVE | n/a | n/a | Visit Repo |
CVE-2025-24054-PoC | Proof of Concept for the NTLM Hash Leak via .library-ms CVE-20 | NTLM Hash Disclosure Spoofing Vulnerability | v3.1, MEDIUM, Score: 6.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | Visit Repo |
FOXCMS-CVE-2025-29306-POC | n/a | n/a | Visit Repo | |
TRAI-001-Critical-RCE-Vulnerability-in-Apache-Parquet-CVE-2025-30065-Simulation | A CVSS 10.0-rated vulnerability in the parquet-avro Java modul | Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata | v4.0, CRITICAL, Score: 10, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H | Visit Repo |
CVE-2025-43919-POC | A new vulnerability has been discovered in GNU Mailman 2.1.39, | n/a | v3.1, MEDIUM, Score: 5.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | Visit Repo |
swa20250422031chj2zy8d3cvekhdprezlu | swa20250422031chj2zy8d3cvekhdprezlu | n/a | n/a | Visit Repo |
CVE-2025-31161 | CrushFTP CVE-2025-31161 Exploit Tool | n/a | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Mon Apr 21, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
openpoc | Aggregates multiple data sources related to CVE exploits/PoC. | n/a | n/a | Visit Repo |
PDF-EXPLOIT | Convert your executables into PDF files with embedded exploits | n/a | n/a | Visit Repo |
CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE-PoC | A critical RCE vulnerability has been identified in the Wazuh | Remote code execution in Wazuh server | v3.1, CRITICAL, Score: 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H | Visit Repo |
CVE-2024-28987 | Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web He | SolarWinds Web Help Desk Hardcoded Credential Vulnerability | v3.1, CRITICAL, Score: 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo |
CVE-2021-34371 | python exploit - Neo4j 3.4.18 - RMI based Remote Code Executio | n/a | n/a | Visit Repo |
CVE-2025-24071_POC | Microsoft Windows File Explorer Spoofing Vulnerability | v3.1, MEDIUM, Score: 6.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | Visit Repo | |
TRA-001-Critical-RCE-Vulnerability-in-Apache-Parquet-CVE-2025-30065-Simulation- | A CVSS 10.0-rated vulnerability in the parquet-avro Java modul | Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata | v4.0, CRITICAL, Score: 10, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H | Visit Repo |
CVE-2024-40445_CVE-2024-40446 | This repository serves as the public reference for CVE-2024-40 | n/a | n/a | Visit Repo |
Next.js-Middleware-Bypass-CVE-2025-29927- | Authorization Bypass in Next.js Middleware | v3.1, CRITICAL, Score: 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | Visit Repo | |
CVE-2024-4577-PHP-RCE | PHP RCE PoC for CVE-2024-4577 written in bash, go, python and | Argument Injection in PHP-CGI | v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
CVE-2025-0054 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java | v3.1, MEDIUM, Score: 5.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | Visit Repo | |
CVE-2025-30208-template | CVE-2025-30208 vite file read nuclei template | Vite bypasses server.fs.deny when using `?raw??` | v3.1, MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | Visit Repo |
LibHeif---CVE-2025-XXXXX | Heap Overflow in LibHeif | n/a | n/a | Visit Repo |
apple-positional-audio-codec-invalid-header | looking into CVE-2025-31200 - can't figure it out yet | n/a | n/a | Visit Repo |
CVE-2025-3102 | SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation | v3.1, HIGH, Score: 8.1, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Visit Repo |
Sun Apr 20, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2021-44026-PoC | Bug Chain XSS (CVE-2020-35730 and CVE-2023-43770) to SQLi (CVE | n/a | n/a | Visit Repo |
CVE-2025-43929 | Medium-severity vulnerability in KiTTY allowing for local exec | n/a | v3.1, MEDIUM, Score: 4.1, CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N | Visit Repo |
swa2025042008cvewet2e3w3mbjhgbyimxf | swa2025042008cvewet2e3w3mbjhgbyimxf | n/a | n/a | Visit Repo |
Sat Apr 19, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-43921 | CVE-2025-43921: Unauthorized Mailing List Creation in GNU Mail | n/a | v3.1, MEDIUM, Score: 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | Visit Repo |
CVE-2025-43920 | CVE-2025-43920: Remote Command Injection via Email Subject in | n/a | v3.1, MEDIUM, Score: 5.4, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N | Visit Repo |
CVE-2025-43919 | CVE-2025-43919: Directory Traversal Vulnerability in GNU Mailm | n/a | v3.1, MEDIUM, Score: 5.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | Visit Repo |
CVE-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
Fri Apr 18, 2025
Repository | Description | CVE | Metrics | Action |
---|---|---|---|---|
CVE-2025-32433 | Erlang/OTP SSH Vulnerable to Pre-Authentication RCE | v3.1, CRITICAL, Score: 10, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | Visit Repo |
GitHub Threat Intelligence at a Glance
Stay on top of cybersecurity developments and open-source research through daily GitHub updates.
Jump into a repository to explore code, documentation, or CVE-related insights.