Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
3,462 exploits
Metasploit300
Canon Wireless Printer Denial Of Service
CVE-2013-461518 Jun 2013
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause
23RISK
open
Metasploit300
Canon Printer Wireless Configuration Disclosure
CVE-2013-461418 Jun 2013
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX9
18RISK
open
Metasploit500
FreeBSD 9 Address Space Manipulation Privilege Escalation
CVE-2013-217118 Jun 2013
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEAS
38RISK
open
Metasploit500
Java Applet ProviderSkeleton Insecure Invoke Method
CVE-2013-246018 Jun 2013
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and
60RISK
open
Metasploit600
Havalite CMS Arbitary File Upload Vulnerability
CVE-2013-10055CRITICAL17 Jun 2013
Havalite CMS Arbitary File Upload RCE
63RISK
open
Metasploit600
LibrettoCMS File Manager Arbitary File Upload Vulnerability
CVE-2013-10054CRITICAL14 Jun 2013
LibrettoCMS File Manager Arbitrary File Upload
63RISK
open
Metasploit600
HP System Management Homepage JustGetSNMPQueue Command Injection
CVE-2013-357611 Jun 2013
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands vi
50RISK
open
Metasploit600
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
CVE-2013-10053HIGH07 Jun 2013
ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution
36RISK
open
Metasploit600
ZPanel zsudo Local Privilege Escalation Exploit
CVE-2013-10052HIGH07 Jun 2013
ZPanel zsudo Local Privilege Escalation
36RISK
open
Metasploit600
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
CVE-2013-212106 Jun 2013
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote
43RISK
open
Metasploit300
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
CVE-2013-211306 Jun 2013
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users w
43RISK
open
Metasploit600
Netgear DGN1000 Setup.cgi Unauthenticated RCE
CVE-2024-12847CRITICAL05 Jun 2013
NETGEAR DGN setup.cgi OS Command Injection
68RISK
open
Metasploit300
HP Data Protector Cell Request Service Buffer Overflow
CVE-2013-233303 Jun 2013
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb
60RISK
open
Metasploit300
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
CVE-2013-10057HIGH30 May 2013
Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
36RISK
open
Metasploit0
Intrasrv 1.0 Buffer Overflow
CVE-2019-1718130 May 2013
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET o
30RISK
open
Metasploit300
Monkey HTTPD Header Parsing Denial of Service (DoS)
CVE-2013-384330 May 2013
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) be
23RISK
open
Metasploit500
Apache Struts includeParams Remote Code Execution
CVE-2013-196624 May 2013
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISK
open
Metasploit500
Apache Struts includeParams Remote Code Execution
CVE-2013-211524 May 2013
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISK
open
Metasploit300
ERS Viewer 2013 ERS File Handling Buffer Overflow
CVE-2013-348223 May 2013
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.
50RISK
open
Metasploit600
Java JMX Server Insecure Configuration Java Code Execution
CVE-2015-234222 May 2013
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISK
open
Metasploit200
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
CVE-2013-395622 May 2013
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2
38RISK
open
Metasploit300
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
CVE-2013-356322 May 2013
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a de
50RISK
open
Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
CVE-2013-101722 May 2013
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISK
open
Metasploit300
Java JMX Server Insecure Endpoint Code Execution Scanner
CVE-2015-234222 May 2013
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISK
open
Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
CVE-2013-101722 May 2013
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISK
open
Metasploit200
Kimai v0.9.2 'db_restore.php' SQL Injection
CVE-2013-10033CRITICAL21 May 2013
Kimai 0.9.2 db_restore.php SQL Injection
63RISK
open
Metasploit300
Mutiny 5 Arbitrary File Read and Delete
CVE-2013-013615 May 2013
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISK
open
Metasploit200
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
CVE-2013-3660HIGHunder attack15 May 2013
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo
98RISK
open
Metasploit600
Mutiny 5 Arbitrary File Upload
CVE-2013-013615 May 2013
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISK
open
Metasploit600
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
CVE-2013-352015 May 2013
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers t
50RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.