Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
AllExploit-DB 22,467Referência 19,791GitHub PoC 13,086VulnCheck XDB 8,069Nuclei 4,187Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit600
Geutebruck instantrec Remote Command Execution
UDP Technology/Geutebrück camera devices: Buffer overflow in action parameter leading to RCE
48RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: command injection leading to RCE
58RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Authentication Bypass
65RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RISK
open ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE
48RISK
open ↗Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing
85RISK
open ↗Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
Sage X3 AdxAdmin Exposure of Sensitive Information to an Unauthorized Actor
40RISK
open ↗Metasploit500
Netfilter x_tables Heap OOB Write Privilege Escalation
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RISK
open ↗Metasploit600
ForgeRock / OpenAM Jato Java Deserialization
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pa
100RISK
open ↗Metasploit600
Moodle SpellChecker Path Authenticated Remote Command Execution
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted s
41RISK
open ↗Metasploit600
Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution
SP Project & Document Manager <2 4.22 - Authenticated Shell Upload
30RISK
open ↗Metasploit300
Wordpress Popular Posts Authenticated RCE
WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload
78RISK
open ↗Metasploit300
Print Spooler Remote DLL Injection
Windows Print Spooler Remote Code Execution Vulnerability
100RISK
open ↗Metasploit300
Print Spooler Remote DLL Injection
Windows Print Spooler Remote Code Execution Vulnerability
100RISK
open ↗Metasploit600
Polkit D-Bus Authentication Bypass
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RISK
open ↗Metasploit300
Squid Proxy Range Header DoS
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a
40RISK
open ↗Metasploit300
Squid Proxy Range Header DoS
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to
23RISK
open ↗Metasploit600
VMware vCenter Server Virtual SAN Health Check Plugin RCE
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual
100RISK
open ↗Metasploit600
ExifTool DjVu ANT Perl injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RISK
open ↗Metasploit600
IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It
50RISK
open ↗Metasploit600
Microsoft SharePoint Unsafe Control and ViewState RCE
Microsoft SharePoint Remote Code Execution Vulnerability
48RISK
open ↗Metasploit500
Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE
Linux kernel eBPF bitwise ops ALU32 bounds tracking
41RISK
open ↗Metasploit300
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
100RISK
open ↗Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open ↗Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISK
open ↗Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISK
open ↗Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISK
open ↗Metasploit600
Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.