Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
IBM Data Risk Manager Arbitrary File Download
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security rest
95RISK
open ↗Metasploit600
IBM Data Risk Manager Unauthenticated Remote Code Execution
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary co
85RISK
open ↗Metasploit600
IBM Data Risk Manager Unauthenticated Remote Code Execution
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrativ
65RISK
open ↗Metasploit300
IBM Data Risk Manager Arbitrary File Download
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrativ
65RISK
open ↗Metasploit300
SpamTitan Unauthenticated RCE
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp
60RISK
open ↗Metasploit0
Kibana Upgrade Assistant Telemetry Collector Prototype Pollution
Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authen
23RISK
open ↗Metasploit600
Cisco UCS Director Cloupia Script RCE
Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data
85RISK
open ↗Metasploit600
Cisco UCS Director Cloupia Script RCE
Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data
75RISK
open ↗Metasploit300
Veeam ONE Agent .NET Deserialization
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.
75RISK
open ↗Metasploit300
Veeam ONE Agent .NET Deserialization
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.
85RISK
open ↗Metasploit300
Zen Load Balancer Directory Traversal
Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attac
18RISK
open ↗Metasploit300
VMware vCenter Server vmdir Information Disclosure
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Servi
100RISK
open ↗Metasploit300
VMware vCenter Server vmdir Authentication Bypass
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Servi
100RISK
open ↗Metasploit300
LimeSurvey Zip Path Traversals
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relati
23RISK
open ↗Metasploit300
LimeSurvey Zip Path Traversals
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileM
60RISK
open ↗Metasploit600
Nexus Repository Manager Java EL Injection RCE
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
100RISK
open ↗Metasploit300
Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an atta
18RISK
open ↗Metasploit300
Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpo
23RISK
open ↗Metasploit400
Pi-Hole DHCP MAC OS Command Execution
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static l
100RISK
open ↗Metasploit600
GitLab File Read Remote Code Execution
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.
30RISK
open ↗Metasploit600
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the sl
40RISK
open ↗Metasploit600
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware
48RISK
open ↗Metasploit600
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Arch
68RISK
open ↗Metasploit600
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer
61RISK
open ↗Metasploit600
Grandstream UCM62xx IP PBX sendPasswordEmail RCE
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafte
100RISK
open ↗Metasploit0
Safari in Operator Side Effect Exploit
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.1. A malicious process may ca
18RISK
open ↗Metasploit0
Safari in Operator Side Effect Exploit
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. An application may be able
18RISK
open ↗Metasploit0
Safari in Operator Side Effect Exploit
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, wa
40RISK
open ↗Metasploit600
macOS cfprefsd Arbitrary File Write Local Privilege Escalation
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Cata
18RISK
open ↗Metasploit600
VMware Fusion USB Arbitrator Setuid Privilege Escalation
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for
86RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.