Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,114cataloged exploits
31,649CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,810GitHub PoC 13,116VulnCheck XDB 8,069Nuclei 4,188Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit300
Path Traversal in Oracle GlassFish Server Open Source Edition
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Trave
60RISK
open ↗Metasploit300
PCMAN FTP Server Buffer Overflow - PUT Command
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RISK
open ↗Metasploit600
Hak5 WiFi Pineapple Preconfiguration Command Injection
Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
50RISK
open ↗Metasploit600
Hak5 WiFi Pineapple Preconfiguration Command Injection
Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
50RISK
open ↗Metasploit600
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers t
50RISK
open ↗Metasploit600
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticat
50RISK
open ↗Metasploit600
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticat
43RISK
open ↗Metasploit300
Heroes of Might and Magic III .h3m Map file Buffer Overflow
Heroes of Might and Magic III .h3m Map File Buffer Overflow
36RISK
open ↗Metasploit300
BIND TKEY Query Denial of Service
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (
60RISK
open ↗Metasploit300
Moxa Device Credential Retrieval
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 52
48RISK
open ↗Metasploit500
Libuser roothelper Privilege Escalation
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly mod
38RISK
open ↗Metasploit500
Libuser roothelper Privilege Escalation
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in t
38RISK
open ↗Metasploit500
Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to g
18RISK
open ↗Metasploit0
ManageEngine EventLog Analyzer Remote Code Execution
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions
60RISK
open ↗Metasploit0
MS15-078 Microsoft Windows Font Driver Buffer Overflow
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2
100RISK
open ↗Metasploit0
MS15-078 Microsoft Windows Font Driver Buffer Overflow
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Wi
43RISK
open ↗Metasploit600
Accellion FTA getStatus verify_oauth_token Command Execution
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metach
60RISK
open ↗Metasploit300
Accellion FTA 'statecode' Cookie Arbitrary File Read
Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices
30RISK
open ↗Metasploit600
X11 Keyboard Command Injection
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
23RISK
open ↗Metasploit500
Western Digital Arkeia Remote Code Execution
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to b
60RISK
open ↗Metasploit300
OpenSSL Alternative Chains Certificate Forgery MITM Proxy
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly
50RISK
open ↗Metasploit500
Adobe Flash Player ByteArray Use After Free
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.
100RISK
open ↗Metasploit500
Adobe Flash opaqueBackground Use After Free
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player
100RISK
open ↗Metasploit500
Apple OS X Entitlements Rootpipe Privilege Escalation
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allow
38RISK
open ↗Metasploit600
Watchguard XCS Remote Command Execution
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell
50RISK
open ↗Metasploit400
Pallete Projects Werkzeug Debugger Remote Code Execution
Werkzeug's improper usage of a pathname and improper CSRF protection results in the remote command execution
36RISK
open ↗Metasploit600
Endian Firewall Proxy Password Change Command Injection
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISK
open ↗Metasploit500
Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows an
100RISK
open ↗Metasploit500
Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457
100RISK
open ↗Metasploit600
Ruby on Rails Web Console (v2) Whitelist Bypass Code Execution
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.