Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
19,841 exploits
Referência
CVE-2013-2143
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update
50RISK
open ↗Referência
CVE-2013-2143
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update
50RISK
open ↗Referência
Microsoft Excel 2000/2003 - Sheet Name (PoC)
Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified
35RISK
open ↗Referência
CVE-2011-5130
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers t
50RISK
open ↗Referência
CVE-2022-31188
Server-Side Request Forgery Vulnerability in Computer Vision Annotation Tool (CVAT)
53RISK
open ↗Referência
CVE-2023-50919
An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string
75RISK
open ↗Referência
CVE-2012-4361
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to exe
50RISK
open ↗Referência
CVE-2012-4361
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to exe
50RISK
open ↗Referência
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin
50RISK
open ↗Referência
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin
50RISK
open ↗Referência
CVE-2012-3569
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Pl
50RISK
open ↗Referência
CVE-2013-2094
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data t
83RISK
open ↗Referência
CVE-2013-2094
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data t
83RISK
open ↗Referência
CVE-2018-1000811
bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages
35RISK
open ↗Referência
CVE-2015-3093
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460
35RISK
open ↗Referência
CVE-2018-8544
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows
35RISK
open ↗Referência
CVE-2011-5130
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers t
50RISK
open ↗Referência
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISK
open ↗Referência
CVE-2010-0985
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote atta
43RISK
open ↗Referência
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticat
50RISK
open ↗Referência
jetAudio 7.x - ActiveX 'DownloadFromMusicStore()' Code Execution
Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic an
35RISK
open ↗Referência
CVE-2016-3316
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbitrary code via a craf
35RISK
open ↗Referência
CVE-2014-2299
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10
50RISK
open ↗Referência
CVE-2014-2299
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10
50RISK
open ↗Referência
Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service
PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 a
35RISK
open ↗Referência
CVE-2014-2962
Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware befor
50RISK
open ↗Referência
CVE-2023-30258
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary com
85RISK
open ↗Referência
CVE-2020-10914
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.
75RISK
open ↗Referência
Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier,
50RISK
open ↗Referência
Cain & Abel 4.9.24 - '.rdp' Local Stack Overflow
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier,
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.