Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Canon Wireless Printer Denial Of Service
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause
23RISK
open ↗Metasploit300
Canon Printer Wireless Configuration Disclosure
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX9
18RISK
open ↗Metasploit500
Java Applet ProviderSkeleton Insecure Invoke Method
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and
60RISK
open ↗Metasploit500
FreeBSD 9 Address Space Manipulation Privilege Escalation
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEAS
38RISK
open ↗Metasploit600
Havalite CMS Arbitary File Upload Vulnerability
Havalite CMS Arbitary File Upload RCE
63RISK
open ↗Metasploit600
LibrettoCMS File Manager Arbitary File Upload Vulnerability
LibrettoCMS File Manager Arbitrary File Upload
63RISK
open ↗Metasploit600
HP System Management Homepage JustGetSNMPQueue Command Injection
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands vi
50RISK
open ↗Metasploit600
ZPanel zsudo Local Privilege Escalation Exploit
ZPanel zsudo Local Privilege Escalation
36RISK
open ↗Metasploit600
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution
36RISK
open ↗Metasploit600
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote
43RISK
open ↗Metasploit300
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users w
43RISK
open ↗Metasploit600
Netgear DGN1000 Setup.cgi Unauthenticated RCE
NETGEAR DGN setup.cgi OS Command Injection
68RISK
open ↗Metasploit300
HP Data Protector Cell Request Service Buffer Overflow
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb
60RISK
open ↗Metasploit300
Monkey HTTPD Header Parsing Denial of Service (DoS)
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) be
23RISK
open ↗Metasploit300
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
36RISK
open ↗Metasploit0
Intrasrv 1.0 Buffer Overflow
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET o
30RISK
open ↗Metasploit500
Apache Struts includeParams Remote Code Execution
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISK
open ↗Metasploit500
Apache Struts includeParams Remote Code Execution
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISK
open ↗Metasploit300
ERS Viewer 2013 ERS File Handling Buffer Overflow
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.
50RISK
open ↗Metasploit300
Java JMX Server Insecure Endpoint Code Execution Scanner
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISK
open ↗Metasploit600
Java JMX Server Insecure Configuration Java Code Execution
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISK
open ↗Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISK
open ↗Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISK
open ↗Metasploit300
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a de
50RISK
open ↗Metasploit200
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2
38RISK
open ↗Metasploit200
Kimai v0.9.2 'db_restore.php' SQL Injection
Kimai 0.9.2 db_restore.php SQL Injection
63RISK
open ↗Metasploit600
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers t
50RISK
open ↗Metasploit300
Mutiny 5 Arbitrary File Read and Delete
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISK
open ↗Metasploit200
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo
98RISK
open ↗Metasploit600
Mutiny 5 Arbitrary File Upload
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.