Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
19,810 exploits
Referência
CVE-2019-7257
Linear eMerge E3-Series devices allow Unrestricted File Upload.
35RISK
open
Referência
Open Translation Engine (OTE) 0.7.8 - 'header.php?ote_home' Remote File Inclusion
PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote attacke
35RISK
open
Referência
PHP Generic library & Framework - 'INCLUDE_PATH' Remote File Inclusion
PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neri
35RISK
open
Referência
CVE-2016-0185
CVE-2016-0185HIGHunder attack
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary
83RISK
open
Referência
CVE-2021-32682
Multiple vulnerabilities leading to RCE
75RISK
open
Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open
Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open
Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open
Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open
Referência
EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)
Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP
50RISK
open
Referência
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 thro
50RISK
open
Referência
CVE-2016-1106
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsof
35RISK
open
Referência
CVE-2016-1106
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsof
35RISK
open
Referência
CVE-2012-0201
Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x befo
50RISK
open
Referência
Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)
In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharac
50RISK
open
Referência
Solaris 9 (UltraSPARC) - 'sadmind' Remote Code Execution
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allo
50RISK
open
Referência
CVE-2017-11873
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709
35RISK
open
Referência
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it
50RISK
open
Referência
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it
50RISK
open
Referência
CVE-2011-3176
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allo
50RISK
open
Referência
CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers'
75RISK
open
Referência
CVE-2011-1567
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Grap
50RISK
open
Referência
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote att
50RISK
open
Referência
Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu P
50RISK
open
Referência
Motorola Timbuktu Pro 8.6.5/8.7 - Directory Traversal / Log Injection
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu P
50RISK
open
Referência
CVE-2020-11022
jQuery has a potential XSS vulnerability
55RISK
open
Referência
CVE-2020-11022
jQuery has a potential XSS vulnerability
55RISK
open
Referência
CVE-2012-5896
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not prope
50RISK
open
Referência
CVE-2012-5896
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not prope
50RISK
open
Referência
CVE-2012-5896
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not prope
50RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.