Public exploitation
Exploit catalog
Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.
71,180cataloged exploits
31,691CVEs with public exploitation
0lab-tested
AllExploit-DB 22,469Referência 19,841GitHub PoC 13,140VulnCheck XDB 8,078Nuclei 4,190Metasploit 3,462✓ verified onlyrecentpopularrisk
22,469 exploits
Exploit-DB
Microsoft VBScript - VbsErase Memory Corruption
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows
35RISK
open ↗Exploit-DB
Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML
A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restri
35RISK
open ↗Exploit-DB
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting
An XSS issue was discovered in upcoming_events.php in the Upcoming Events plugin before 1.33 for MyBB via a crafted name
23RISK
open ↗Exploit-DB
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution (Metasploit)
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src
60RISK
open ↗Exploit-DB
Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter
Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially explo
23RISK
open ↗Exploit-DB
Google Chrome < M73 - Double-Destruction Race in StoragePartitionService
Double free in DOMStorage in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap c
41RISK
open ↗Exploit-DB
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution (Metasploit)
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins
60RISK
open ↗Exploit-DB
Google Chrome < M73 - MidiManagerWin Use-After-Free
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed
23RISK
open ↗Exploit-DB
Google Chrome < M73 - FileSystemOperationRunner Use-After-Free
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allo
23RISK
open ↗Exploit-DB
Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject
A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash obj
28RISK
open ↗Exploit-DB
BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit)
An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for l
38RISK
open ↗Exploit-DB
Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities
In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the "ipaddress" hid
23RISK
open ↗Exploit-DB
Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities
Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfa
23RISK
open ↗Exploit-DB
Moodle 3.4.1 - Remote Code Execution
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code exec
35RISK
open ↗Exploit-DB
CMS Made Simple Showtime2 Module 3.6.2 - (Authenticated) Arbitrary File Upload
class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard
50RISK
open ↗Exploit-DB
FTPGetter Standard 5.97.0.177 - Remote Code Execution
FTPGetter Standard v.5.97.0.177 allows remote code execution when a user initiates an FTP connection to an attacker-cont
50RISK
open ↗Exploit-DB
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
60RISK
open ↗Exploit-DB
Apache Tika-server < 1.18 - Command Injection
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to
60RISK
open ↗Exploit-DB
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
50RISK
open ↗Exploit-DB
Microsoft Windows MSHTML Engine - 'Edit' Remote Code Execution
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML E
83RISK
open ↗Exploit-DB
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, re
35RISK
open ↗Exploit-DB
Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local us
23RISK
open ↗Exploit-DB
Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_c
50RISK
open ↗Exploit-DB
PRTG Network Monitor 18.2.38 - (Authenticated) Remote Code Execution
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administra
100RISK
open ↗Exploit-DB
DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery
JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account.
23RISK
open ↗Exploit-DB
McAfee ePO 5.9.1 - Registered Executable Local Access Bypass
SB10240 - ePolicy Orchestrator (ePO) - Application Protection Bypass vulnerability
33RISK
open ↗Exploit-DB
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1,
28RISK
open ↗Exploit-DB
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and
50RISK
open ↗Exploit-DB
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Drupal core - Highly critical - Remote Code Execution
100RISK
open ↗We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.