Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
22,469 exploits
Exploit-DB
Apache Httpd mod_rewrite - Open Redirects
CVE-2019-1009814 Oct 2019
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential m
60RISK
open
Exploit-DB
Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
CVE-2019-134710 Oct 2019
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Servi
28RISK
open
Exploit-DB
Microsoft Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File
CVE-2019-134410 Oct 2019
An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memo
23RISK
open
Exploit-DB
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
CVE-2019-13529HIGH10 Oct 2019
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform action
41RISK
open
Exploit-DB
Microsoft Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter
CVE-2019-136410 Oct 2019
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle o
23RISK
open
Exploit-DB
Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File
CVE-2019-134510 Oct 2019
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Window
23RISK
open
Exploit-DB
TP-Link TL-WR1043ND 2 - Authentication Bypass
CVE-2019-697110 Oct 2019
An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packe
28RISK
open
Exploit-DB
Microsoft Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File
CVE-2019-134310 Oct 2019
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Servi
28RISK
open
Exploit-DB
Microsoft Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File
CVE-2019-134610 Oct 2019
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Servi
28RISK
open
Exploit-DB
XNU - Remote Double-Free via Data Race in IPComp Input Path
CVE-2019-871709 Oct 2019
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS
23RISK
open
Exploit-DB
vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution
CVE-2019-1713207 Oct 2019
vBulletin through 5.5.4 mishandles custom avatars.
28RISK
open
Exploit-DB
Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting
CVE-2019-1722507 Oct 2019
Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" i
23RISK
open
Exploit-DB
IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload
CVE-2019-4013CRITICAL07 Oct 2019
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root pr
53RISK
open
Exploit-DB
CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation
CVE-2019-845207 Oct 2019
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security clien
23RISK
open
Exploit-DB
Android - Binder Driver Use-After-Free
CVE-2019-2215HIGHunder attack04 Oct 2019
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RISK
open
Exploit-DB
AnchorCMS < 0.12.3a - Information Disclosure
CVE-2018-725103 Oct 2019
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contain
60RISK
open
Exploit-DB
mintinstall 7.9.9 - Code Execution
CVE-2019-1708003 Oct 2019
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by a
23RISK
open
Exploit-DB
DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
CVE-2017-0146HIGHunder attackransomware02 Oct 2019
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
Exploit-DB
DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
CVE-2017-0143HIGHunder attackransomware02 Oct 2019
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
Exploit-DB
DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
CVE-2017-0144HIGHunder attackransomware02 Oct 2019
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
Exploit-DB
DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
CVE-2017-0147HIGHunder attackransomware02 Oct 2019
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
Exploit-DB
DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
CVE-2017-0148HIGHunder attackransomware02 Oct 2019
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
Exploit-DB
DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
CVE-2017-0145HIGHunder attackransomware02 Oct 2019
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISK
open
Exploit-DB
DotNetNuke < 9.4.0 - Cross-Site Scripting
CVE-2019-1256201 Oct 2019
Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the mali
23RISK
open
Exploit-DB
phpIPAM 1.4 - SQL Injection
CVE-2019-1669230 Sep 2019
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is us
28RISK
open
Exploit-DB
WordPress Plugin ARforms 3.7.1 - Arbitrary File Deletion
CVE-2019-1690230 Sep 2019
In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an
23RISK
open
Exploit-DB
Cisco Small Business 220 Series - Multiple Vulnerabilities
CVE-2019-1913CRITICAL30 Sep 2019
Cisco Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities
53RISK
open
Exploit-DB
Cisco Small Business 220 Series - Multiple Vulnerabilities
CVE-2019-1912CRITICAL30 Sep 2019
Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability
53RISK
open
Exploit-DB
GoAhead 2.5.0 - Host Header Injection
CVE-2019-1664530 Sep 2019
An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) cre
23RISK
open
Exploit-DB
Cisco Small Business 220 Series - Multiple Vulnerabilities
CVE-2019-1914HIGH30 Sep 2019
Cisco Small Business 220 Series Smart Switches Command Injection Vulnerability
46RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.