Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit0
Safari Proxy Object Type Confusion
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud
68RISK
open ↗Metasploit300
SAP Internet Graphics Server (IGS) XMLCHART XXE
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML Exter
23RISK
open ↗Metasploit300
SAP Internet Graphics Server (IGS) XMLCHART XXE
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML Exter
50RISK
open ↗Metasploit600
Unitrends Enterprise Backup bpserverd Privilege Escalation
It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could be bypassed with a SQL i
50RISK
open ↗Metasploit300
Flexense HTTP Server Denial Of Service
An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access v
60RISK
open ↗Metasploit300
HTTP SickRage Password Leak
SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.
60RISK
open ↗Metasploit600
ManageEngine Applications Manager Remote Code Execution
A remote code execution issue was discovered in Zoho ManageEngine Applications Manager before 13.6 (build 13640). The pu
60RISK
open ↗Metasploit600
ClipBucket beats_uploader Unauthenticated Arbitrary File Upload
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter
23RISK
open ↗Metasploit300
Memcached Stats Amplification Scanner
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vuln
60RISK
open ↗Metasploit600
Nanopool Claymore Dual Miner APIs RCE
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner
60RISK
open ↗Metasploit300
Claymore Dual GPU Miner Format String dos attack
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format strin
50RISK
open ↗Metasploit0
Exodus Wallet (ElectronJS Framework) remote Code Execution
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the pro
60RISK
open ↗Metasploit600
AsusWRT LAN Unauthenticated Remote Code Execution
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpn
60RISK
open ↗Metasploit600
AsusWRT LAN Unauthenticated Remote Code Execution
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, pro
60RISK
open ↗Metasploit500
CloudMe Sync v1.10.9
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sy
60RISK
open ↗Metasploit300
glibc 'realpath()' Privilege Escalation
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before th
43RISK
open ↗Metasploit300
GitStack Unauthenticated REST API Requests
An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unau
60RISK
open ↗Metasploit500
GitStack Unsanitized Argument RCE
An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unau
60RISK
open ↗Metasploit600
Monstra CMS Authenticated Arbitrary File Upload
Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for exa
30RISK
open ↗Metasploit600
Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7)
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web
60RISK
open ↗Metasploit600
GoAhead Web Server LD_PRELOAD Arbitrary Module Load
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. T
100RISK
open ↗Metasploit600
Linksys WVBR0-25 User-Agent Command Execution
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authe
60RISK
open ↗Metasploit600
Apache Spark Unauthenticated Command Execution
From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the su
50RISK
open ↗Metasploit400
Commvault Communications Service (cvd) Command Injection
A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain mess
30RISK
open ↗Metasploit600
Palo Alto Networks readSessionVarsFromFile() Session Corruption
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote
100RISK
open ↗Metasploit600
Mac OS X Root Privilege Escalation
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The is
50RISK
open ↗Metasploit300
Clickjacking Vulnerability In CSRF Error Page pfSense
pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged e
30RISK
open ↗Metasploit0
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Mi
100RISK
open ↗Metasploit500
Dup Scout Enterprise Login Buffer Overflow
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9
40RISK
open ↗Metasploit500
Linux BPF Sign Extension Local Privilege Escalation
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.