Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit600
TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user accounts with default passw
23RISK
open ↗Metasploit0
PHPMailer Sendmail Argument Injection
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra para
100RISK
open ↗Metasploit600
TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command inject
100RISK
open ↗Metasploit600
TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection
The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote
30RISK
open ↗Metasploit600
TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerabili
23RISK
open ↗Metasploit0
PHPMailer Sendmail Argument Injection
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
60RISK
open ↗Metasploit600
VMware VDP Known SSH Key
VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which mak
30RISK
open ↗Metasploit600
NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Buffer Overflow
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cg
100RISK
open ↗Metasploit300
NETGEAR WNR2000v5 Administrator Password Recovery
The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the w
60RISK
open ↗Metasploit300
NETGEAR WNR2000v5 Administrator Password Recovery
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. Thi
50RISK
open ↗Metasploit600
Western Digital MyCloud unauthenticated command injection
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytic
40RISK
open ↗Metasploit600
Western Digital MyCloud unauthenticated command injection
It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulne
40RISK
open ↗Metasploit600
Netgear R7000 and R6400 cgi-bin Command Injection
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.B
100RISK
open ↗Metasploit600
DiskBoss Enterprise GET Buffer Overflow
DiskBoss Enterprise Stack-Based Buffer Overflow RCE
43RISK
open ↗Metasploit600
DiskSavvy Enterprise GET Buffer Overflow
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary c
50RISK
open ↗Metasploit300
Firefox nsSMILTimeContainer::NotifyTimeChange() RCE
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been dis
100RISK
open ↗Metasploit600
Jenkins CLI HTTP Java Deserialization Vulnerability
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a
60RISK
open ↗Metasploit300
Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064
The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary c
40RISK
open ↗Metasploit600
Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow
D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action
60RISK
open ↗Metasploit400
WinaXe 7.7 FTP Client Remote Buffer Overflow
WinaXe 7.7 FTP Client Remote Buffer Overflow
36RISK
open ↗Metasploit600
Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for t
60RISK
open ↗Metasploit300
Joomla Account Creation and Privilege Escalation
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before
60RISK
open ↗Metasploit300
Joomla Account Creation and Privilege Escalation
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before
60RISK
open ↗Metasploit600
Ruby on Rails Dynamic Render File Upload Remote Code Execution
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.
100RISK
open ↗Metasploit600
PowerShellEmpire Arbitrary File Upload (Skywalker)
BC Security Empire Path Traversal RCE
68RISK
open ↗Metasploit600
Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users
60RISK
open ↗Metasploit0
Apache Tomcat on RedHat Based Systems Insecure Temp Config Privilege Escalation
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distribu
38RISK
open ↗Metasploit300
Cisco Firepower Management Console 6.0 Post Auth Report Download Directory Traversal
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via
50RISK
open ↗Metasploit600
Disk Pulse Enterprise Login Buffer Overflow
Disk Pulse Enterprise 9.0.34 Login Stack Buffer Overflow
36RISK
open ↗Metasploit0
Apache Tomcat on Ubuntu Log Init Privilege Escalation
The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debia
38RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.