Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
Cisco Small Business 220 Series - Multiple Vulnerabilities
Cisco Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities
53RISK
open ↗Exploit-DB
ABRT - sosreport Privilege Escalation (Metasploit)
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain perm
38RISK
open ↗Exploit-DB
NPMJS gitlabhook 0.0.17 - 'repository' Remote Command Execution
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be inje
35RISK
open ↗Exploit-DB
Microsoft SharePoint 2013 SP1 - 'DestinationFolder' Persistant Cross-Site Scripting
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a speciall
23RISK
open ↗Exploit-DB
Pfsense 2.3.4 / 2.4.4-p3 - Remote Code Injection
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_ph
28RISK
open ↗Exploit-DB
Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unau
100RISK
open ↗Exploit-DB
iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds
An out-of-bounds read was addressed with improved input validation.
28RISK
open ↗Exploit-DB
Gila CMS < 1.11.1 - Local File Inclusion
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.
23RISK
open ↗Exploit-DB
HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure
A disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than ve
23RISK
open ↗Exploit-DB
iOS < 12.4.1 - 'Jailbreak' Local Privilege Escalation
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.1
76RISK
open ↗Exploit-DB
vBulletin 5.0 < 5.5.4 - 'widget_php ' Unauthenticated Remote Code Execution
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widge
100RISK
open ↗Exploit-DB
LayerBB < 1.1.4 - Cross-Site Request Forgery
LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
23RISK
open ↗Exploit-DB
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to acce
23RISK
open ↗Exploit-DB
Counter-Strike Global Offensive 1.37.1.1 - 'vphysics.dll' Denial of Service (PoC)
vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or de
23RISK
open ↗Exploit-DB
Symantec Advanced Secure Gateway (ASG) / ProxySG - Unrestricted File Upload
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A
23RISK
open ↗Exploit-DB
Notepad++ < 7.7 (x64) - Denial of Service
SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode ch
23RISK
open ↗Exploit-DB
AppXSvc - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To e
76RISK
open ↗Exploit-DB
Dolibarr ERP-CRM 10.0.1 - 'User-Agent' Cross-Site Scripting
In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document
23RISK
open ↗Exploit-DB
LimeSurvey 3.17.13 - Cross-Site Scripting
LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, Su
23RISK
open ↗Exploit-DB
LimeSurvey 3.17.13 - Cross-Site Scripting
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example,
23RISK
open ↗Exploit-DB
Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'Di
28RISK
open ↗Exploit-DB
Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'Di
28RISK
open ↗Exploit-DB
October CMS - Upload Protection Bypass Code Execution (Metasploit)
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise
50RISK
open ↗Exploit-DB
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection
SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/control
28RISK
open ↗Exploit-DB
LibreNMS - Collectd Command Injection (Metasploit)
An issue was discovered in LibreNMS through 1.47. There is a command injection vulnerability in html/includes/graphs/dev
60RISK
open ↗Exploit-DB
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting (2)
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admi
23RISK
open ↗Exploit-DB
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting
Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via admi
23RISK
open ↗Exploit-DB
Enigma NMS 65.0.0 - OS Command Injection
An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows
43RISK
open ↗Exploit-DB
Enigma NMS 65.0.0 - SQL Injection
A remote SQL injection web vulnerability was discovered in the Enigma NMS 65.0.0 and prior web application that allows a
23RISK
open ↗Exploit-DB
FusionPBX 4.4.8 - Remote Code Execution
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service
28RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.