Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
8,078 exploits
VulnCheck XDB
infoleak
GLPI allows unauthenticated SQL injection through the inventory endpoint
78RISK
open ↗VulnCheck XDB
initial-access
Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code
100RISK
open ↗VulnCheck XDB
initial-access
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag in
60RISK
open ↗VulnCheck XDB
remote-with-credentials
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code e
100RISK
open ↗VulnCheck XDB
local
In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use aft
71RISK
open ↗VulnCheck XDB
infoleak
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISK
open ↗VulnCheck XDB
local
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISK
open ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RISK
open ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RISK
open ↗VulnCheck XDB
initial-access
CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and
100RISK
open ↗VulnCheck XDB
infoleak
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISK
open ↗VulnCheck XDB
client-side
A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redire
78RISK
open ↗VulnCheck XDB
local
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISK
open ↗VulnCheck XDB
initial-access
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUp
100RISK
open ↗VulnCheck XDB
local
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISK
open ↗VulnCheck XDB
initial-access
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISK
open ↗VulnCheck XDB
local
Code Injection vulnerability in SAP S/4HANA (Private Cloud or On-Premise)
48RISK
open ↗VulnCheck XDB
infoleak
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RISK
open ↗VulnCheck XDB
initial-access
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unle
100RISK
open ↗VulnCheck XDB
initial-access
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullN
100RISK
open ↗VulnCheck XDB
initial-access
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISK
open ↗VulnCheck XDB
initial-access
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISK
open ↗VulnCheck XDB
initial-access
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISK
open ↗VulnCheck XDB
local
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
71RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.