Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISK
open ↗Exploit-DB
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery
Cisco IOS XE NGWC Legacy Wireless Device Manager GUI Cross-Site Request Forgery Vulnerability
46RISK
open ↗Exploit-DB
Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 5.3. A remote attacke
23RISK
open ↗Exploit-DB
Android 7 < 9 - Remote Code Execution
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. Th
23RISK
open ↗Exploit-DB
BACnet Stack 0.8.6 - Denial of Service
BACnet Protocol Stack through 0.8.6 has a segmentation fault leading to denial of service in BACnet APDU Layer because a
35RISK
open ↗Exploit-DB
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string
28RISK
open ↗Exploit-DB
REDCap < 9.1.2 - Cross-Site Scripting
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation
An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an
23RISK
open ↗Exploit-DB
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string
28RISK
open ↗Exploit-DB
Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
98RISK
open ↗Exploit-DB
Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISK
open ↗Exploit-DB
DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.
23RISK
open ↗Exploit-DB
PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit)
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwo
60RISK
open ↗Exploit-DB
CentOS Control Web Panel 0.9.8.836 - Privilege Escalation
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and uploa
28RISK
open ↗Exploit-DB
PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit)
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unseri
100RISK
open ↗Exploit-DB
Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard li
98RISK
open ↗Exploit-DB
CentOS Control Web Panel 0.9.8.836 - Authentication Bypass
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login pro
28RISK
open ↗Exploit-DB
CentOS Control Web Panel 0.9.8.838 - User Enumeration
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a usern
28RISK
open ↗Exploit-DB
Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. Th
23RISK
open ↗Exploit-DB
CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities
Cisco Small Business Series Switches Open Redirect Vulnerability
53RISK
open ↗Exploit-DB
FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion
FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an in
50RISK
open ↗Exploit-DB
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unau
100RISK
open ↗Exploit-DB
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
A stored cross site scripting vulnerability in Jenkins Dependency Graph Viewer Plugin 0.13 and earlier allowed attackers
23RISK
open ↗Exploit-DB
Xymon 4.3.25 - useradm Command Execution (Metasploit)
xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via
50RISK
open ↗Exploit-DB
Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
100RISK
open ↗Exploit-DB
Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation
Microsoft Windows Security Feature Bypass Vulnerability
46RISK
open ↗Exploit-DB
Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of
93RISK
open ↗Exploit-DB
SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow
nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0.9 has a stack-based buffer overflow via a long var
23RISK
open ↗Exploit-DB
Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting
In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. An authenticated unprivileged u
23RISK
open ↗Exploit-DB
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readCharset
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Rem
28RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.