Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Wordpress Plugin Catch Themes Demo Import RCE
Catch Themes Demo Import <= 1.7 Admin+ Arbitrary File Upload
48RISK
open ↗Metasploit400
Win32k NtGdiResetDC Use After Free Local Privilege Elevation
Win32k Elevation of Privilege Vulnerability
100RISK
open ↗Metasploit600
WordPress Plugin Pie Register Auth Bypass to RCE
WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE
63RISK
open ↗Metasploit300
WordPress Plugin Perfect Survey 1.5.1 SQLi (Unauthenticated)
Perfect Survey < 1.5.2 - Unauthenticated SQL Injection
60RISK
open ↗Metasploit600
ManageEngine ADAudit Plus Authenticated File Write RCE
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files.
40RISK
open ↗Metasploit600
Microsoft Office Word Malicious MSHTML RCE
Microsoft MSHTML Remote Code Execution Vulnerability
100RISK
open ↗Metasploit0
VMware vCenter vScalation Priv Esc
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and
18RISK
open ↗Metasploit600
VMware vCenter Server Analytics (CEIP) Service File Upload
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with netw
100RISK
open ↗Metasploit600
Hikvision IP Camera Unauthenticated Command Injection
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation,
100RISK
open ↗Metasploit300
Wordpress BulletProof Security Backup Disclosure
BulletProof Security <= 5.1 Sensitive Information Disclosure
70RISK
open ↗Metasploit600
ManageEngine ServiceDesk Plus CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014
100RISK
open ↗Metasploit600
Microsoft OMI Management Interface Authentication Bypass
Open Management Infrastructure Elevation of Privilege Vulnerability
91RISK
open ↗Metasploit600
Microsoft OMI Management Interface Authentication Bypass
Open Management Infrastructure Remote Code Execution Vulnerability
100RISK
open ↗Metasploit600
ManageEngine ADSelfService Plus CVE-2021-40539
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resulta
100RISK
open ↗Metasploit300
Netgear PNPX_GetShareFolderList Authentication Bypass
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021
33RISK
open ↗Metasploit300
WordPress Plugin Automatic Config Change to RCE
WordPress Automatic Plugin <= 3.53.2 - Unauthenticated Arbitrary Options Update
48RISK
open ↗Metasploit600
Atlassian Confluence WebWork OGNL Injection
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
100RISK
open ↗Metasploit300
Canon Driver Privilege Escalation
The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer pro
18RISK
open ↗Metasploit300
Pi-Hole Top Domains API Authenticated Exec
(Authenticated) Remote Code Execution Possible in Web Interface 5.5
48RISK
open ↗Metasploit600
ManageEngine OpManager SumPDU Java Deserialization
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution v
60RISK
open ↗Metasploit600
ManageEngine OpManager SumPDU Java Deserialization
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the
30RISK
open ↗Metasploit300
Elasticsearch Memory Disclosure
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the abil
60RISK
open ↗Metasploit300
Windows SAM secrets leak - HiveNightmare
Windows Elevation of Privilege Vulnerability
98RISK
open ↗Metasploit300
Lexmark Driver Privilege Escalation
The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below,
18RISK
open ↗Metasploit600
Nagios XI Autodiscovery Webshell Upload
A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post au
23RISK
open ↗Metasploit300
Jetty WEB-INF File Disclosure
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characte
70RISK
open ↗Metasploit300
Jetty WEB-INF File Disclosure
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contai
70RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE
48RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in environment.lang parameter leading to RCE
48RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in command parameter leading to RCE
48RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.