Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated Configuration Download
An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3
35RISK
open ↗Exploit-DB
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell
An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3
35RISK
open ↗Exploit-DB
VxWorks 6.8 - TCP Urgent Pointer = 0 Integer Underflow
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TC
45RISK
open ↗Exploit-DB
Ghidra (Linux) 9.0.4 - .gar Arbitrary Code Execution
In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive)
23RISK
open ↗Exploit-DB
BSI Advance Hotel Booking System 2.0 - 'booking_details.php Persistent Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0
23RISK
open ↗Exploit-DB
Adive Framework 2.0.7 - Cross-Site Request Forgery
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.
23RISK
open ↗Exploit-DB
Aptana Jaxer 1.0.3.4547 - Local File inclusion
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This v
43RISK
open ↗Exploit-DB
Open-School 3.0 / Community Edition 2.3 - Cross-Site Scripting
Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.
43RISK
open ↗Exploit-DB
WordPress Plugin JoomSport 3.3 - SQL Injection
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via
28RISK
open ↗Exploit-DB
Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to
60RISK
open ↗Exploit-DB
macOS iMessage - Heap Overflow when Deserializing
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A rem
28RISK
open ↗Exploit-DB
SilverSHielD 6.x - Local Privilege Escalation
extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The
23RISK
open ↗Exploit-DB
Oracle Hyperion Planning 11.1.2.3 - XML External Entity
Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). The supported versi
23RISK
open ↗Exploit-DB
macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS M
28RISK
open ↗Exploit-DB
Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming
The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000.9.R, Dahua IPC HX5X3X and HX4X3X V2.800.0000008.0
28RISK
open ↗Exploit-DB
macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS
23RISK
open ↗Exploit-DB
macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS M
23RISK
open ↗Exploit-DB
iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchO
28RISK
open ↗Exploit-DB
iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10
28RISK
open ↗Exploit-DB
iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.
28RISK
open ↗Exploit-DB
WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery
The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section.
23RISK
open ↗Exploit-DB
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 wh
50RISK
open ↗Exploit-DB
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit)
An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to
60RISK
open ↗Exploit-DB
Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL
28RISK
open ↗Exploit-DB
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
71RISK
open ↗Exploit-DB
Moodle Filepicker 3.5.2 - Server Side Request Forgery
Moodle 3.x has Server Side Request Forgery in the filepicker.
28RISK
open ↗Exploit-DB
Ahsay Backup 8.1.1.50 - Insecure File Upload and Code Execution (Authenticated)
An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to
60RISK
open ↗Exploit-DB
pdfresurrect 0.15 - Buffer Overflow
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is misha
23RISK
open ↗Exploit-DB
Ovidentia 8.4.3 - Cross-Site Scripting
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=crea
23RISK
open ↗Exploit-DB
WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads
A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.