c137req/CVE-2025-6713 craft aggregation pipeline to access data without proper authorisation due to improper handling of $mergeCursors in MongoDB >v8.0 <8.0.7, >v7.0 <7.0.19, >v6.0 <6.0.22 Create: 2025-08-23 16:20:02 +0000 UTC Push: 2025-08-23 16:20:02 +0000 UTC |

shoucheng3/x-stream__xstream_CVE-2021-21345_1-4-15 Create: 2025-08-23 14:57:19 +0000 UTC Push: 2025-08-23 14:57:19 +0000 UTC |

shoucheng3/x-stream__xstream_CVE-2020-26217_1-4-14-java7 Create: 2025-08-23 14:48:38 +0000 UTC Push: 2025-08-23 14:49:19 +0000 UTC |

threadpoolx/CVE-2025-30406-CentreStack-Triofox-Deserialization-RCE Create: 2025-08-23 14:37:59 +0000 UTC Push: 2025-08-23 14:38:00 +0000 UTC |

threadpoolx/CVE-2025-24813-Remote-Code-Execution-in-Apache-Tomcat Create: 2025-08-23 14:27:55 +0000 UTC Push: 2025-08-23 14:27:56 +0000 UTC |

XRayZen/cve-2025-9074-exploit-poc Create: 2025-08-23 09:14:24 +0000 UTC Push: 2025-08-23 09:14:26 +0000 UTC |

XRayZen/cve-2025-9074-poc ２０２５年８月２０日に公開されたDockerDesktopの脆弱性を実証する Create: 2025-08-23 09:14:24 +0000 UTC Push: 2025-08-23 09:53:23 +0000 UTC |

Hex00-0x4/FortiWeb-CVE-2025-52970-Authentication-Bypass Create: 2025-08-23 07:09:10 +0000 UTC Push: 2025-08-23 07:09:11 +0000 UTC |

Hex00-0x4/Authentication-Bypass-in-FortiWeb-CVE-2025-52970- Create: 2025-08-23 07:00:49 +0000 UTC Push: 2025-08-23 07:00:50 +0000 UTC |

JGoyd/glass-cage-ios18-cve-2025-24085-cve-2025-24201 Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, exploiting WebKit (CVE-2025-24201) and Core Media (CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction. Create: 2025-08-23 05:08:06 +0000 UTC Push: 2025-08-23 05:08:07 +0000 UTC |

137f/PoC-CVE-2020-36847-WordPress-Plugin-4.2.2-RCE Create: 2025-08-23 02:22:58 +0000 UTC Push: 2025-08-23 02:22:58 +0000 UTC |

4n4s4zi/CVE-2025-33053_PoC POC exploit for CVE-2025-33053 (External control of file execution path in URL file) Create: 2025-08-23 01:37:35 +0000 UTC Push: 2025-08-23 01:37:35 +0000 UTC |

0xsharz/telerik-scanner-CVE-2019-18935 Create: 2025-08-22 19:47:24 +0000 UTC Push: 2025-08-22 19:47:25 +0000 UTC |

Aether-0/CVE-2025-55575 Create: 2025-08-22 19:04:24 +0000 UTC Push: 2025-08-22 19:04:24 +0000 UTC |

NiteeshPujari/CVE-2024-37054-MLflow-RCE This repository contains a Proof of Concept (PoC) for CVE-2024-37054, a critical deserialization vulnerability in MLflow that allows for Remote Code Execution (RCE). Create: 2025-08-22 12:54:40 +0000 UTC Push: 2025-08-22 12:55:21 +0000 UTC |

pandatix/CVE-2025-53632 An exploit of CVE-2025-53632 to confirm exploitability Create: 2025-08-22 12:37:59 +0000 UTC Push: 2025-08-22 15:07:32 +0000 UTC |

barbaraeivyu/CVE-2025-55230-Exploit Create: 2025-08-22 10:43:43 +0000 UTC Push: 2025-08-22 10:43:44 +0000 UTC |

XiaomingX/CVE-2025-43300-exp CVE-2025-43300的在野利用代码. Create: 2025-08-22 10:13:40 +0000 UTC Push: 2025-08-22 10:13:41 +0000 UTC |

Kryptoenix/CVE-2025-47987_PoC Create: 2025-08-22 09:42:02 +0000 UTC Push: 2025-08-28 17:25:23 +0000 UTC |

Eyodav/CVE-2025-34159 A critical Remote Code Execution (RCE) vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker Compose directives during project creation or updates. By defining a malicious service that mounts the host filesystem an attacker can achieve root-level command execution on Create: 2025-08-22 09:11:36 +0000 UTC Push: 2025-08-27 18:59:52 +0000 UTC |