Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
3,462 exploits
Metasploit300
Canon Wireless Printer Denial Of Service
CVE-2013-461518 Jun 2013
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause
23RISK
open
Metasploit300
Canon Printer Wireless Configuration Disclosure
CVE-2013-461418 Jun 2013
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX9
18RISK
open
Metasploit500
Java Applet ProviderSkeleton Insecure Invoke Method
CVE-2013-246018 Jun 2013
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and
60RISK
open
Metasploit500
FreeBSD 9 Address Space Manipulation Privilege Escalation
CVE-2013-217118 Jun 2013
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEAS
38RISK
open
Metasploit600
Havalite CMS Arbitary File Upload Vulnerability
CVE-2013-10055CRITICAL17 Jun 2013
Havalite CMS Arbitary File Upload RCE
63RISK
open
Metasploit600
LibrettoCMS File Manager Arbitary File Upload Vulnerability
CVE-2013-10054CRITICAL14 Jun 2013
LibrettoCMS File Manager Arbitrary File Upload
63RISK
open
Metasploit600
HP System Management Homepage JustGetSNMPQueue Command Injection
CVE-2013-357611 Jun 2013
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands vi
50RISK
open
Metasploit600
ZPanel zsudo Local Privilege Escalation Exploit
CVE-2013-10052HIGH07 Jun 2013
ZPanel zsudo Local Privilege Escalation
36RISK
open
Metasploit600
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
CVE-2013-10053HIGH07 Jun 2013
ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution
36RISK
open
Metasploit600
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
CVE-2013-212106 Jun 2013
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote
43RISK
open
Metasploit300
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
CVE-2013-211306 Jun 2013
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users w
43RISK
open
Metasploit600
Netgear DGN1000 Setup.cgi Unauthenticated RCE
CVE-2024-12847CRITICAL05 Jun 2013
NETGEAR DGN setup.cgi OS Command Injection
68RISK
open
Metasploit300
HP Data Protector Cell Request Service Buffer Overflow
CVE-2013-233303 Jun 2013
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb
60RISK
open
Metasploit300
Monkey HTTPD Header Parsing Denial of Service (DoS)
CVE-2013-384330 May 2013
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) be
23RISK
open
Metasploit300
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
CVE-2013-10057HIGH30 May 2013
Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
36RISK
open
Metasploit0
Intrasrv 1.0 Buffer Overflow
CVE-2019-1718130 May 2013
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET o
30RISK
open
Metasploit500
Apache Struts includeParams Remote Code Execution
CVE-2013-196624 May 2013
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISK
open
Metasploit500
Apache Struts includeParams Remote Code Execution
CVE-2013-211524 May 2013
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISK
open
Metasploit300
ERS Viewer 2013 ERS File Handling Buffer Overflow
CVE-2013-348223 May 2013
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.
50RISK
open
Metasploit300
Java JMX Server Insecure Endpoint Code Execution Scanner
CVE-2015-234222 May 2013
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISK
open
Metasploit600
Java JMX Server Insecure Configuration Java Code Execution
CVE-2015-234222 May 2013
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISK
open
Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
CVE-2013-101722 May 2013
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISK
open
Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
CVE-2013-101722 May 2013
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISK
open
Metasploit300
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
CVE-2013-356322 May 2013
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a de
50RISK
open
Metasploit200
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
CVE-2013-395622 May 2013
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2
38RISK
open
Metasploit200
Kimai v0.9.2 'db_restore.php' SQL Injection
CVE-2013-10033CRITICAL21 May 2013
Kimai 0.9.2 db_restore.php SQL Injection
63RISK
open
Metasploit600
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
CVE-2013-352015 May 2013
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers t
50RISK
open
Metasploit300
Mutiny 5 Arbitrary File Read and Delete
CVE-2013-013615 May 2013
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISK
open
Metasploit200
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
CVE-2013-3660HIGHunder attack15 May 2013
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo
98RISK
open
Metasploit600
Mutiny 5 Arbitrary File Upload
CVE-2013-013615 May 2013
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.