Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit500
HP Data Protector Backup Client Service Directory Traversal
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a
50RISK
open ↗Metasploit500
SerComm Device Remote Code Execution
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x
60RISK
open ↗Metasploit300
SerComm Network Device Backdoor Detection
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x
60RISK
open ↗Metasploit300
IBM Lotus Notes Sametime User Enumeration
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remot
23RISK
open ↗Metasploit300
IBM Lotus Sametime Version Enumeration
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspeci
23RISK
open ↗Metasploit300
IBM Lotus Notes Sametime Room Name Bruteforce
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to determine whic
18RISK
open ↗Metasploit300
RealNetworks RealPlayer Version Attribute Buffer Overflow
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before
50RISK
open ↗Metasploit300
Adobe Flash Player Type Confusion Remote Code Execution
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2
60RISK
open ↗Metasploit300
IcoFX Stack Buffer Overflow
Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCoun
50RISK
open ↗Metasploit500
MS13-097 Registry Symlink IE Sandbox Escape
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and conseque
43RISK
open ↗Metasploit600
ElasticSearch Dynamic Script Arbitrary Java Execution
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execut
100RISK
open ↗Metasploit600
Zimbra Collaboration Server LFI
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zim
60RISK
open ↗Metasploit300
IBM Forms Viewer Unicode Buffer Overflow
Stack-based buffer overflow in IBM Forms Viewer 4.x before 4.0.0.3 and 8.x before 8.0.1.1 allows remote attackers to exe
50RISK
open ↗Metasploit300
Ruby on Rails Action View MIME Memory Exhaustion
actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allo
23RISK
open ↗Metasploit200
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, W
43RISK
open ↗Metasploit600
WordPress OptimizePress Theme File Upload Vulnerability
Multiple unrestricted file upload vulnerabilities in (1) media-upload.php, (2) media-upload-lncthumb.php, and (3) media-
23RISK
open ↗Metasploit200
MS14-002 Microsoft Windows ndproxy.sys Local Privilege Escalation
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges
98RISK
open ↗Metasploit300
Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow
Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary
43RISK
open ↗Metasploit300
Ruby on Rails JSON Processor Floating Point Heap Overflow DoS
Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and tru
30RISK
open ↗Metasploit600
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload
Idera Up.Time ≤ 7.2 post2file.php Arbitrary File Upload RCE
63RISK
open ↗Metasploit300
Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and Mana
23RISK
open ↗Metasploit300
Huawei Datacard Information Disclosure Vulnerability
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remot
18RISK
open ↗Metasploit600
Kaseya uploadImage Arbitrary File Upload
Kaseya < 6.3.0.2 uploadImage.asp Arbitrary File Upload RCE
63RISK
open ↗Metasploit600
ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload
Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before buil
60RISK
open ↗Metasploit300
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server
100RISK
open ↗Metasploit300
IBM Lotus Sametime WebPlayer DoS
IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension c
18RISK
open ↗Metasploit300
Supermicro Onboard IPMI CGI Vulnerability Scanner
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Managemen
60RISK
open ↗Metasploit300
Supermicro Onboard IPMI Static SSL Certificate Scanner
Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_3
18RISK
open ↗Metasploit300
Supermicro Onboard IPMI url_redirect.cgi Authenticated Directory Traversal
Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attacker
18RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.