Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
3,462 exploits
Metasploit600
EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution
CVE-2020-865406 Feb 2020
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoD
60RISK
open
Metasploit600
EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution
CVE-2020-946506 Feb 2020
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL
40RISK
open
Metasploit600
EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution
CVE-2020-8657CRITICALunder attack06 Feb 2020
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include
100RISK
open
Metasploit600
CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow
CVE-2020-801205 Feb 2020
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerabi
60RISK
open
Metasploit600
PlaySMS index.php Unauthenticated Template Injection Code Execution
CVE-2020-8644CRITICALunder attack05 Feb 2020
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
100RISK
open
Metasploit600
CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow
CVE-2020-801005 Feb 2020
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vu
30RISK
open
Metasploit500
Arista restricted shell escape (with privesc)
CVE-2020-901502 Feb 2020
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly oth
23RISK
open
Metasploit600
OpenSMTPD MAIL FROM Remote Code Execution
CVE-2020-7247CRITICALunder attack28 Jan 2020
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to
100RISK
open
Metasploit600
Centreon Poller Authenticated Remote Command Execution
CVE-2019-1969927 Jan 2020
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers mi
23RISK
open
Metasploit300
Ricoh Driver Privilege Escalation
CVE-2019-1936322 Jan 2020
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attacker
38RISK
open
Metasploit300
WebLogic Server Deserialization RCE - BadAttributeValueExpException
CVE-2020-2555CRITICALunder attack15 Jan 2020
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Su
100RISK
open
Metasploit0
WordPress InfiniteWP Client Authentication Bypass
CVE-2020-877214 Jan 2020
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in in
40RISK
open
Metasploit300
"Cablehaunt" Cable Modem WebSocket DoS
CVE-2019-1949407 Jan 2020
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker
23RISK
open
Metasploit600
D-Link DIR-859 Unauthenticated Remote Command Execution
CVE-2019-17621CRITICALunder attack24 Dec 2019
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated rem
100RISK
open
Metasploit600
D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi
CVE-2019-2021524 Dec 2019
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RISK
open
Metasploit600
IBM TM1 / Planning Analytics Unauthenticated Remote Code Execution
CVE-2019-4716CRITICALunder attack19 Dec 2019
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated use
100RISK
open
Metasploit600
Citrix ADC (NetScaler) Directory Traversal RCE
CVE-2019-19781CRITICALunder attackransomware17 Dec 2019
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. Th
100RISK
open
Metasploit300
Citrix ADC (NetScaler) Directory Traversal Scanner
CVE-2019-19781CRITICALunder attackransomware17 Dec 2019
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. Th
100RISK
open
Metasploit300
TVT NVMS-1000 Directory Traversal
CVE-2019-20085HIGHunder attack12 Dec 2019
TVT NVMS-1000 devices allow GET /.. Directory Traversal
100RISK
open
Metasploit600
OpenBSD Dynamic Loader chpass Privilege Escalation
CVE-2019-1972611 Dec 2019
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be
38RISK
open
Metasploit300
Microsoft Windows Uninitialized Variable Local Privilege Elevation
CVE-2019-1458HIGHunder attackransomware10 Dec 2019
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
100RISK
open
Metasploit600
Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization
CVE-2019-18935CRITICALunder attackransomware09 Dec 2019
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUp
100RISK
open
Metasploit600
Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization
CVE-2017-11317CRITICALunder attack09 Dec 2019
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload
100RISK
open
Metasploit300
Anviz CrossChex Buffer Overflow
CVE-2019-1251828 Nov 2019
Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability.
50RISK
open
Metasploit600
Liferay Portal Java Unmarshalling via JSONWS RCE
CVE-2020-7961CRITICALunder attack25 Nov 2019
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary c
100RISK
open
Metasploit300
QNAP QTS and Photo Station Local File Inclusion
CVE-2019-7195CRITICALunder attackransomware25 Nov 2019
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fi
100RISK
open
Metasploit300
QNAP QTS and Photo Station Local File Inclusion
CVE-2019-7194CRITICALunder attackransomware25 Nov 2019
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fi
100RISK
open
Metasploit300
QNAP QTS and Photo Station Local File Inclusion
CVE-2019-7192CRITICALunder attackransomware25 Nov 2019
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix the
100RISK
open
Metasploit600
OpenNetAdmin Ping Command Injection
CVE-2019-25065MEDIUM19 Nov 2019
OpenNetAdmin os command injection
48RISK
open
Metasploit300
WordPress Email Subscribers and Newsletter Hash SQLi Scanner
CVE-2019-20361HIGH13 Nov 2019
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to b
78RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.