Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
PANDORAFMS 7.0 - Authenticated Remote Code Execution
functions_netflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metac
28RISK
open ↗Exploit-DB
HP System Event Utility - Local Privilege Escalation
A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version
23RISK
open ↗Exploit-DB
OpenSMTPD 6.4.0 < 6.6.1 - Local Privilege Escalation + Remote Code Execution
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to
100RISK
open ↗Exploit-DB
CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting
Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter devices before 1.16.00, as demonstrated by the /if.cg
23RISK
open ↗Exploit-DB
Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.
23RISK
open ↗Exploit-DB
Dota 2 7.23f - Denial of Service (PoC)
schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by
23RISK
open ↗Exploit-DB
Ricoh Driver - Privilege Escalation (Metasploit)
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attacker
38RISK
open ↗Exploit-DB
WordPress Plugin LearnDash LMS 3.1.2 - Reflective Cross-Site Scripting
The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field.
23RISK
open ↗Exploit-DB
OpenSMTPD - MAIL FROM Remote Code Execution (Metasploit)
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to
100RISK
open ↗Exploit-DB
D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi (Metasploit)
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RISK
open ↗Exploit-DB
Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting
It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host heade
23RISK
open ↗Exploit-DB
iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3
76RISK
open ↗Exploit-DB
EyesOfNetwork 5.3 - Remote Code Execution
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthe
60RISK
open ↗Exploit-DB
EyesOfNetwork 5.3 - Remote Code Execution
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoD
60RISK
open ↗Exploit-DB
Windscribe - WindscribeService Named Pipe Privilege Escalation (Metasploit)
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe s
38RISK
open ↗Exploit-DB
EyesOfNetwork 5.3 - Remote Code Execution
An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability
98RISK
open ↗Exploit-DB
Sudo 1.8.25p - 'pwfeedback' Buffer Overflow
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the
28RISK
open ↗Exploit-DB
Cisco Data Center Network Manager 11.2.1 - 'LanFabricImpl' Command Injection
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
60RISK
open ↗Exploit-DB
Cisco Data Center Network Manager 11.2.1 - 'getVmHostData' SQL Injection
Cisco Data Center Network Manager SQL Injection Vulnerabilities
53RISK
open ↗Exploit-DB
Cisco Data Center Network Manager 11.2.1 - 'getVmHostData' SQL Injection
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
70RISK
open ↗Exploit-DB
Cisco Data Center Network Manager 11.2 - Remote Code Execution
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
85RISK
open ↗Exploit-DB
Cisco Data Center Network Manager 11.2.1 - 'LanFabricImpl' Command Injection
Cisco Data Center Network Manager Command Injection Vulnerabilities
53RISK
open ↗Exploit-DB
xglance-bin 11.00 - Privilege Escalation
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via u
38RISK
open ↗Exploit-DB
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via
33RISK
open ↗Exploit-DB
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate se
41RISK
open ↗Exploit-DB
Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure (PoC)
An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated se
23RISK
open ↗Exploit-DB
Sudo 1.8.25p - 'pwfeedback' Buffer Overflow (PoC)
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the
28RISK
open ↗Exploit-DB
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user.
23RISK
open ↗Exploit-DB
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrati
23RISK
open ↗Exploit-DB
IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting
In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
43RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.