Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds
In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabili
23RISK
open ↗Exploit-DB
Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a
33RISK
open ↗Exploit-DB
AppXSvc 17763 - Arbitrary File Overwrite (DoS)
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard li
23RISK
open ↗Exploit-DB
Apache Olingo OData 4.0 - XML External Entity Injection
The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resoluti
28RISK
open ↗Exploit-DB
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier v
35RISK
open ↗Exploit-DB
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check
28RISK
open ↗Exploit-DB
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result
90RISK
open ↗Exploit-DB
Verot 2.0.3 - Remote Code Execution
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! an
28RISK
open ↗Exploit-DB
Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, w
23RISK
open ↗Exploit-DB
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs pa
28RISK
open ↗Exploit-DB
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to exec
28RISK
open ↗Exploit-DB
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to exec
28RISK
open ↗Exploit-DB
Cisco WLC 2504 8.9 - Denial of Service (PoC)
Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability
53RISK
open ↗Exploit-DB
Revive Adserver 4.2 - Remote Code Execution
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() cal
50RISK
open ↗Exploit-DB
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a pa
23RISK
open ↗Exploit-DB
Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet
93RISK
open ↗Exploit-DB
GNU Mailutils 3.7 - Privilege Escalation
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
23RISK
open ↗Exploit-DB
Pulse Secure VPN - Arbitrary Command Execution (Metasploit)
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1R
100RISK
open ↗Exploit-DB
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs
Reference count underflow in shiftfs
41RISK
open ↗Exploit-DB
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path
Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs
41RISK
open ↗Exploit-DB
Bludit - Directory Traversal Image File Upload (Metasploit)
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .j
60RISK
open ↗Exploit-DB
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs
Type confusion in shiftfs
41RISK
open ↗Exploit-DB
FusionPBX - Operator Panel exec.php Command Execution (Metasploit)
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerabili
60RISK
open ↗Exploit-DB
Xorg X11 Server - Local Privilege Escalation (Metasploit)
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options wh
43RISK
open ↗Exploit-DB
Microsoft Windows 7 (x86) - 'BlueKeep' Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unau
100RISK
open ↗Exploit-DB
nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)
A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows re
28RISK
open ↗Exploit-DB
Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal tech
28RISK
open ↗Exploit-DB
Xfilesharing 2.5.1 - Arbitrary File Upload
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
28RISK
open ↗Exploit-DB
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows
91RISK
open ↗Exploit-DB
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft W
91RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.