Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could
68RISK
open ↗Exploit-DB
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Ja
28RISK
open ↗Exploit-DB
ASUS HG100 - Denial of Service
ASUS HG100 devices allow denial of service via an IPv4 packet flood.
28RISK
open ↗Exploit-DB
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Ja
28RISK
open ↗Exploit-DB
Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation
Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Troj
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Wind
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), ak
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), ak
23RISK
open ↗Exploit-DB
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, U
43RISK
open ↗Exploit-DB
Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder param
35RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to proper
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), ak
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), ak
23RISK
open ↗Exploit-DB
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), ak
23RISK
open ↗Exploit-DB
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability
85RISK
open ↗Exploit-DB
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)
An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload proce
35RISK
open ↗Exploit-DB
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x b
100RISK
open ↗Exploit-DB
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file
23RISK
open ↗Exploit-DB
ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)
An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user
23RISK
open ↗Exploit-DB
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XX
100RISK
open ↗Exploit-DB
Microsoft Windows - AppX Deployment Service Privilege Escalation
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard li
98RISK
open ↗Exploit-DB
Apache Axis 1.4 - Remote Code Execution
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2
45RISK
open ↗Exploit-DB
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispos
28RISK
open ↗Exploit-DB
Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution
Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to ex
23RISK
open ↗Exploit-DB
Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RISK
open ↗Exploit-DB
ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 18.82.2000.0 allows remote attackers to
23RISK
open ↗Exploit-DB
ManageEngine ServiceDesk Plus 9.3 - User Enumeration
Information leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticat
23RISK
open ↗Exploit-DB
SaLICru -SLC-20-cube3(5) - HTML Injection
A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82
23RISK
open ↗Exploit-DB
ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE before 19.49.1500.0 allows remote attack
23RISK
open ↗Exploit-DB
QNAP Netatalk < 3.1.12 - Authentication Bypass
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking
70RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.