Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
IBM Notes encodeURI DOS
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it coul
50RISK
open ↗Metasploit300
IBM Notes Denial Of Service
IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it woul
43RISK
open ↗Metasploit600
Disk Pulse Enterprise GET Buffer Overflow
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9
40RISK
open ↗Metasploit300
HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53
60RISK
open ↗Metasploit400
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE
43RISK
open ↗Metasploit600
Malicious Git HTTP Server For CVE-2017-1000117
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL ca
60RISK
open ↗Metasploit600
DIR-850L (Un)authenticated OS Command Exec
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SER
23RISK
open ↗Metasploit600
Unitrends UEB http api remote code execution
It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of
60RISK
open ↗Metasploit600
Unitrends UEB http api remote code execution
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, w
50RISK
open ↗Metasploit600
Unitrends UEB bpserverd authentication bypass RCE
It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xin
50RISK
open ↗Metasploit600
QNAP Transcode Server Command Execution
QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.
23RISK
open ↗Metasploit0
Android Janus APK Signature bypass
An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0,
43RISK
open ↗Metasploit600
Western Digital MyCloud multi_uploadify File Upload Vulnerability
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquer
60RISK
open ↗Metasploit600
Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory tra
50RISK
open ↗Metasploit600
DotNetNuke Cookie Deserialization Remote Code Excecution
DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expect
50RISK
open ↗Metasploit600
DotNetNuke Cookie Deserialization Remote Code Excecution
DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expect
50RISK
open ↗Metasploit600
DotNetNuke Cookie Deserialization Remote Code Excecution
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code e
100RISK
open ↗Metasploit600
DotNetNuke Cookie Deserialization Remote Code Excecution
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
100RISK
open ↗Metasploit600
DotNetNuke Cookie Deserialization Remote Code Excecution
DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue ex
100RISK
open ↗Metasploit600
Supervisor XML-RPC Authenticated Remote Code Execution
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
60RISK
open ↗Metasploit400
OrientDB 2.2.x Remote Code Execution
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which a
60RISK
open ↗Metasploit600
Evince CBT File Command Injection
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to e
50RISK
open ↗Metasploit600
Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passe
100RISK
open ↗Metasploit400
Solaris RSH Stack Clash Privilege Escalation
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported versio
38RISK
open ↗Metasploit400
Solaris RSH Stack Clash Privilege Escalation
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficie
38RISK
open ↗Metasploit400
Solaris RSH Stack Clash Privilege Escalation
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions t
38RISK
open ↗Metasploit400
Solaris RSH Stack Clash Privilege Escalation
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions t
38RISK
open ↗Metasploit500
LNK Code Execution Vulnerability
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 201
100RISK
open ↗Metasploit500
LNK Code Execution Vulnerability
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 201
100RISK
open ↗Metasploit200
Microsoft Windows RRAS Service MIBEntryGet Overflow
Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute c
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.