Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
19,810 exploits
Referência
CVE-2010-2263
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or
60RISK
open
Referência
CVE-2019-0568
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
35RISK
open
Referência
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November
60RISK
open
Referência
CVE-2016-1543
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux a
60RISK
open
Referência
CVE-2016-1543
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux a
60RISK
open
Referência
CVE-2016-1543
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux a
60RISK
open
Referência
CVE-2024-12084
Rsync: heap buffer overflow in rsync due to improper checksum length handling
70RISK
open
Referência
CVE-2019-6453
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The a
45RISK
open
Referência
CVE-2010-3973
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in
60RISK
open
Referência
CVE-2015-2845
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arb
60RISK
open
Referência
CVE-2015-2845
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arb
60RISK
open
Referência
CVE-2015-2845
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arb
60RISK
open
Referência
CVE-2011-0267
Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote at
60RISK
open
Referência
CVE-2022-29885
EncryptInterceptor does not provide complete protection on insecure networks
45RISK
open
Referência
CVE-2014-9727
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter t
60RISK
open
Referência
CVE-2019-19509
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a
60RISK
open
Referência
CVE-2019-19509
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a
60RISK
open
Referência
CVE-2019-19509
An issue was discovered in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a
60RISK
open
Referência
CVE-2017-8641
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Serve
45RISK
open
Referência
CVE-2013-2751
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RISK
open
Referência
CVE-2013-2751
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RISK
open
Referência
CVE-2019-11231
An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows
60RISK
open
Referência
CVE-2014-8684
CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof
60RISK
open
Referência
GOM Player 2.1.6.3499 - 'GomWeb3.dll 1.0.0.12' Remote Overflow
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Playe
60RISK
open
Referência
CVE-2016-7241
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of
45RISK
open
Referência
CVE-2018-20434
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to htm
60RISK
open
Referência
CVE-2018-20434
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to htm
60RISK
open
Referência
CVE-2003-0264
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO arg
60RISK
open
Referência
CVE-2016-3247
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of
45RISK
open
Referência
CVE-2019-19985
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file downloa
70RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.