Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
3,462 exploits
Metasploit600
Firefox toString console.time Privileged Javascript Injection
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RISK
open ↗Metasploit500
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attacke
60RISK
open ↗Metasploit300
ColdFusion 'password.properties' Hash Extraction
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files
60RISK
open ↗Metasploit500
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cau
60RISK
open ↗Metasploit400
MS13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbit
100RISK
open ↗Metasploit300
AudioCoder .M3U Buffer Overflow
Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RISK
open ↗Metasploit300
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attac
50RISK
open ↗Metasploit600
phpMyAdmin Authenticated Remote Code Execution via preg_replace()
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a
43RISK
open ↗Metasploit300
ERS Viewer 2011 ERS File Handling Buffer Overflow
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 1
43RISK
open ↗Metasploit600
D-Link Devices Unauthenticated Remote Command Execution
D-Link Devices tools_vct.xgi Authenticated RCE
36RISK
open ↗Metasploit200
Tincd Post-Authentication Remote TCP Stack Buffer Overflow
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pr
50RISK
open ↗Metasploit600
WordPress W3 Total Cache PHP Code Execution
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
60RISK
open ↗Metasploit600
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.
50RISK
open ↗Metasploit600
Ruby on Rails Known Secret Session Cookie Remote Code Execution
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an
60RISK
open ↗Metasploit600
MiniWeb (Build 300) Arbitrary File Upload
MiniWeb <= Build 300 Arbitrary File Upload
43RISK
open ↗Metasploit600
ABB MicroSCADA wserver.exe Remote Code Execution
ABB MicroSCADA Pro SYS600 Missing Authentication for Critical Function
40RISK
open ↗Metasploit300
Sophos Web Protection Appliance patience.cgi Directory Traversal
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read
60RISK
open ↗Metasploit300
MiniUPnPd 1.4 Denial of Service (DoS) Exploit
The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attacke
60RISK
open ↗Metasploit300
MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP
50RISK
open ↗Metasploit600
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.
60RISK
open ↗Metasploit600
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in
50RISK
open ↗Metasploit600
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier
43RISK
open ↗Metasploit300
vBulletin Password Collector via nodeid SQL Injection
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier
43RISK
open ↗Metasploit300
MongoDB nativeHelper.apply Remote Code Execution
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMo
50RISK
open ↗Metasploit500
Novell ZENworks Configuration Management Remote Execution
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform a
60RISK
open ↗Metasploit300
Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service
Sysax Multi-Server <= 6.10 SSHD Key Exchange DoS
36RISK
open ↗Metasploit600
Novell Zenworks Mobile Managment MDM.php Local File Inclusion Vulnerability
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote at
50RISK
open ↗Metasploit300
MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML obj
100RISK
open ↗Metasploit300
MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, wh
90RISK
open ↗Metasploit600
GroundWork monarch_scan.cgi OS Command Injection
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to ex
50RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.