Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
19,791 exploits
Referência
CVE-2022-31704
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely
85RISK
open ↗Referência
CVE-2022-31704
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely
85RISK
open ↗Referência
CVE-2016-7255
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,
93RISK
open ↗Referência
CVE-2016-7255
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,
93RISK
open ↗Referência
CVE-2016-7255
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,
93RISK
open ↗Referência
CVE-2016-7255
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,
93RISK
open ↗Referência
CVE-2019-9621
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x b
100RISK
open ↗Referência
CVE-2019-9621
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x b
100RISK
open ↗Referência
CVE-2019-9621
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x b
100RISK
open ↗Referência
CVE-2019-1458
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
100RISK
open ↗Referência
CVE-2019-1458
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
100RISK
open ↗Referência
CVE-2018-0758
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitra
45RISK
open ↗Referência
CVE-2016-0491
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12
60RISK
open ↗Referência
CVE-2016-0491
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12
60RISK
open ↗Referência
CVE-2016-0491
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12
60RISK
open ↗Referência
CVE-2014-9583
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC
60RISK
open ↗Referência
CVE-2014-9583
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC
60RISK
open ↗Referência
CVE-2014-9583
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC
60RISK
open ↗Referência
CVE-2021-20034
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal
45RISK
open ↗Referência
CVE-2019-10669
An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/dev
60RISK
open ↗Referência
CVE-2015-7808
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PH
60RISK
open ↗Referência
CVE-2020-13160
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execut
60RISK
open ↗Referência
CVE-2020-13160
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execut
60RISK
open ↗Referência
CVE-2018-12464
Unauthenticated SQL injection in Micro Focus Secure Messaging Gateway
85RISK
open ↗Referência
CVE-2021-21425
Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
85RISK
open ↗Referência
CVE-2021-21425
Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
85RISK
open ↗Referência
CVE-2017-12557
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and e
60RISK
open ↗Referência
CVE-2017-0037
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilde
93RISK
open ↗Referência
SAP MaxDB 7.6.03.07 - Remote Command Execution
SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell me
60RISK
open ↗Referência
CVE-2020-14871
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported ve
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.