Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Firebird Relational Database CNCT Group Number Buffer Overflow
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windo
50RISK
open ↗Metasploit300
Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows r
50RISK
open ↗Metasploit300
Portable UPnP SDK unique_service_name() Remote Code Execution
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
60RISK
open ↗Metasploit600
Ruby on Rails JSON Processor YAML Deserialization Code Execution
lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly
60RISK
open ↗Metasploit300
Ruby on Rails Devise Authentication Password Reset
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certa
23RISK
open ↗Metasploit600
DataLife Engine preview.php PHP Code Injection
DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/pr
50RISK
open ↗Metasploit600
ZoneMinder Video Server packageControl Command Execution
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitra
50RISK
open ↗Metasploit300
GE Proficy Cimplicity WebView substitute.bcl Directory Traversal
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy
23RISK
open ↗Metasploit600
Java Applet JMX Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and Ope
100RISK
open ↗Metasploit0
Linksys WRT54GL apply.cgi Command Execution
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote
60RISK
open ↗Metasploit600
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
The NetWorker command processor in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote
50RISK
open ↗Metasploit300
Cool PDF Image Stream Buffer Overflow
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a P
43RISK
open ↗Metasploit300
Polycom Command Shell Authorization Bypass
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitra
23RISK
open ↗Metasploit300
Linksys WRT54GL Remote Command Execution
There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attack
36RISK
open ↗Metasploit600
PHP-Charts v1.0 PHP Code Execution Vulnerability
PHP-Charts v1.0 PHP Code Execution
63RISK
open ↗Metasploit600
Java Applet JMX Remote Code Execution
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using
100RISK
open ↗Metasploit600
Java Applet Reflection Type Confusion Remote Code Execution
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and
95RISK
open ↗Metasploit600
Java Applet Driver Manager Privileged toString() Remote Code Execution
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remo
60RISK
open ↗Metasploit300
BigAnt Server 2 SCH And DUPF Buffer Overflow
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have
50RISK
open ↗Metasploit600
BigAnt Server DUPF Command Arbitrary File Upload
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to
50RISK
open ↗Metasploit300
Firefox XMLSerializer Use After Free
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox b
50RISK
open ↗Metasploit600
Firefox 17.0.1 Flash Privileged Code Injection
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi
50RISK
open ↗Metasploit600
Firefox 17.0.1 Flash Privileged Code Injection
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderb
60RISK
open ↗Metasploit300
Foxit Reader Plugin URL Processing Buffer Overflow
Foxit Reader <= 5.4.5.0114 Plugin URL Processing Buffer Overflow
43RISK
open ↗Metasploit600
Ruby on Rails XML Processor YAML Deserialization Code Execution
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an
60RISK
open ↗Metasploit600
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for reque
50RISK
open ↗Metasploit300
WordPress Plugin Google Document Embedder Arbitrary File Disclosure
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers t
50RISK
open ↗Metasploit300
Simple Web Server 2.3-RC1 Directory Traversal
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitra
23RISK
open ↗Metasploit600
eXtplorer v2.1 Arbitrary File Upload Vulnerability
ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empt
23RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.