Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Cisco IKE Information Disclosure
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x
100RISK
open ↗Metasploit300
BIND TSIG Query Denial of Service
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly
60RISK
open ↗Metasploit600
MagniComp SysInfo mcsiwrapper Privilege Escalation
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow
38RISK
open ↗Metasploit600
BuilderEngine Arbitrary File Upload Vulnerability and execution
BuilderEngine 3.5.0 RCE via Unauthenticated Arbitrary File Upload
63RISK
open ↗Metasploit500
Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution
Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.
23RISK
open ↗Metasploit0
WebKit not_number defineProperties UAF
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory
98RISK
open ↗Metasploit400
Safari Webkit JIT Exploit for iOS 7.1.2
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud b
30RISK
open ↗Metasploit0
WebKit not_number defineProperties UAF
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denia
91RISK
open ↗Metasploit0
WebKit not_number defineProperties UAF
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
90RISK
open ↗Metasploit400
Safari Webkit JIT Exploit for iOS 7.1.2
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS b
38RISK
open ↗Metasploit400
AF_PACKET chocobo_root Privilege Escalation
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cau
43RISK
open ↗Metasploit300
ColoradoFTP Server 1.3 Build 8 Directory Traversal Information Disclosure
ColoradoFTP Server <= 1.3 Build 8 Path Traversal Information Disclosure
63RISK
open ↗Metasploit300
Zabbix toggle_ids SQL Injection
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQ
40RISK
open ↗Metasploit300
Internet Explorer Iframe Sandbox File Name Disclosure Vulnerability
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the f
30RISK
open ↗Metasploit600
Trend Micro Smart Protection Server Exec Remote Code Injection
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330
30RISK
open ↗Metasploit300
DLL Side Loading Vulnerability in VMware Host Guest Client Redirector
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 t
43RISK
open ↗Metasploit300
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillanc
50RISK
open ↗Metasploit600
NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 th
60RISK
open ↗Metasploit600
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR Rea
60RISK
open ↗Metasploit600
SonicWall Global Management System XMLRPC set_time_zone Unauth RCE
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before
23RISK
open ↗Metasploit0
Oracle Weblogic Server Deserialization RCE - MarshalledObject
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12
40RISK
open ↗Metasploit600
Tiki Wiki Unauthenticated File Upload Vulnerability
Tiki Wiki <= 15.1 ELFinder Unauthenticated File Upload RCE
63RISK
open ↗Metasploit500
NetBSD mail.local Privilege Escalation
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or
38RISK
open ↗Metasploit300
WebNMS Framework Server Arbitrary Text File Download
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows rem
60RISK
open ↗Metasploit300
WebNMS Framework Server Credential Disclosure
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependen
50RISK
open ↗Metasploit600
WebNMS Framework Server Arbitrary File Upload
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remot
60RISK
open ↗Metasploit300
WebNMS Framework Server Credential Disclosure
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows rem
60RISK
open ↗Metasploit600
Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Riverbed SteelCentral NetProfiler / NetExpress 10.8.7 RCE
63RISK
open ↗Metasploit600
Panda Security PSEvents Privilege Escalation
Panda Security PSEvents.exe Insecure DLL Loading Privilege Escalation
36RISK
open ↗Metasploit600
SugarCRM REST Unserialize PHP Code Execution
SugarCRM PHP Deserialization RCE
63RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.