Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
19,810 exploits
Referência
Open Translation Engine (OTE) 0.7.8 - 'header.php?ote_home' Remote File Inclusion
PHP remote file inclusion vulnerability in skins/header.php in Open Translation Engine (OTE) 0.7.8 allows remote attacke
35RISK
open ↗Referência
PHP Generic library & Framework - 'INCLUDE_PATH' Remote File Inclusion
PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neri
35RISK
open ↗Referência
CVE-2016-0185
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary
83RISK
open ↗Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open ↗Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open ↗Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open ↗Referência
CVE-2015-5082
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open ↗Referência
EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)
Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP
50RISK
open ↗Referência
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 thro
50RISK
open ↗Referência
CVE-2016-1106
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsof
35RISK
open ↗Referência
CVE-2016-1106
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsof
35RISK
open ↗Referência
CVE-2012-0201
Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x befo
50RISK
open ↗Referência
Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)
In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharac
50RISK
open ↗Referência
Solaris 9 (UltraSPARC) - 'sadmind' Remote Code Execution
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allo
50RISK
open ↗Referência
CVE-2017-11873
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709
35RISK
open ↗Referência
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it
50RISK
open ↗Referência
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it
50RISK
open ↗Referência
CVE-2011-3176
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allo
50RISK
open ↗Referência
CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers'
75RISK
open ↗Referência
CVE-2011-1567
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Grap
50RISK
open ↗Referência
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote att
50RISK
open ↗Referência
Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu P
50RISK
open ↗Referência
Motorola Timbuktu Pro 8.6.5/8.7 - Directory Traversal / Log Injection
Directory traversal vulnerability in the Notes (aka Flash Notes or instant messages) feature in tb2ftp.dll in Timbuktu P
50RISK
open ↗Referência
CVE-2012-5896
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not prope
50RISK
open ↗Referência
CVE-2012-5896
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not prope
50RISK
open ↗Referência
CVE-2012-5896
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not prope
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.