Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RISK
open ↗Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
50RISK
open ↗Metasploit600
Squash YAML Code Execution
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter t
50RISK
open ↗Metasploit600
Agnitum Outpost Internet Security Local Privilege Escalation
Agnitum Outpost Internet Security Local Privilege Escalation
36RISK
open ↗Metasploit600
Joomla Media Manager File Upload Vulnerability
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before
50RISK
open ↗Metasploit0
HP SiteScope Remote Code Execution
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu
50RISK
open ↗Metasploit300
HP LoadRunner magentproc.exe Overflow
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISK
open ↗Metasploit600
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacha
60RISK
open ↗Metasploit300
Chasys Draw IES Buffer Overflow
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote atta
50RISK
open ↗Metasploit300
Cogent DataHub HTTP Server Buffer Overflow
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befor
23RISK
open ↗Metasploit300
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISK
open ↗Metasploit300
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISK
open ↗Metasploit600
Oracle Endeca Server Remote Command Execution
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows rem
50RISK
open ↗Metasploit0
NETGEAR ReadyNAS Perl Code Evaluation
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RISK
open ↗Metasploit600
Linksys Devices pingstr Remote Command Injection
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentica
43RISK
open ↗Metasploit300
Ultra Mini HTTPD Stack Buffer Overflow
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RISK
open ↗Metasploit300
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
100RISK
open ↗Metasploit300
Corel PDF Fusion Stack Buffer Overflow
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wi
43RISK
open ↗Metasploit300
D-Link Devices UPnP SOAP Command Execution
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien
100RISK
open ↗Metasploit600
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a
100RISK
open ↗Metasploit300
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attacke
50RISK
open ↗Metasploit600
Nodejs js-yaml load() Code Execution
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
43RISK
open ↗Metasploit300
PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RISK
open ↗Metasploit600
Horde Framework Unserialize PHP Code Execution
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to c
50RISK
open ↗Metasploit300
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
50RISK
open ↗Metasploit600
InstantCMS 1.6 Remote PHP Code Execution
InstantCMS <= 1.6 Remote PHP Code Execution
63RISK
open ↗Metasploit300
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before
98RISK
open ↗Metasploit300
MediaCoder .M3U Buffer Overflow
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RISK
open ↗Metasploit300
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote
60RISK
open ↗Metasploit300
IPMI 2.0 Cipher Zero Authentication Bypass Scanner
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands b
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.