Public exploitation

Exploit catalog

Every public exploit we catalog, in one index. Search by CVE, exploit name or technology — and see, right beside it, what the flaw is actually worth: severity, exploitation probability, and whether it’s already under attack.

71,062cataloged exploits
31,617CVEs with public exploitation
0lab-tested
3,462 exploits
Metasploit600
Ollama Model Registry Path Traversal RCE
CVE-2024-37032HIGH05 May 2024
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path,
78RISK
open
Metasploit600
Flowmon Unauthenticated Command Injection
CVE-2024-2389CRITICAL23 Apr 2024
Flowmon Unauthenticated Command Injection Vulnerability
85RISK
open
Metasploit600
Apache HugeGraph Gremlin RCE
CVE-2024-27348CRITICALunder attack22 Apr 2024
Apache HugeGraph-Server: Command execution in gremlin
100RISK
open
Metasploit600
FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE
CVE-2023-48788CRITICALunder attackransomware21 Apr 2024
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS versio
100RISK
open
Metasploit600
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
CVE-2024-3400CRITICALunder attackransomware12 Apr 2024
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
100RISK
open
Metasploit300
Netdata ndsudo privilege escalation
CVE-2024-32019HIGH12 Apr 2024
ndsudo: local privilege escalation via untrusted search path
36RISK
open
Metasploit600
Chaos RAT XSS to RCE
CVE-2024-3085010 Apr 2024
15RISK
open
Metasploit600
Chaos RAT XSS to RCE
CVE-2024-31839MEDIUM10 Apr 2024
Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via th
28RISK
open
Metasploit600
AVideo WWBNIndex Plugin Unauthenticated RCE
CVE-2024-31819CRITICAL09 Apr 2024
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath
68RISK
open
Metasploit600
pgAdmin Binary Path API RCE
CVE-2024-3116HIGH28 Mar 2024
Remote Code Execution Vulnerability through the validate binary path API in pgAdmin 4
48RISK
open
Metasploit600
Kemp LoadMaster Local sudo privilege escalation
CVE-2024-1212CRITICALunder attack19 Mar 2024
LoadMaster Pre-Authenticated OS Command Injection
100RISK
open
Metasploit600
Kemp LoadMaster Unauthenticated Command Injection
CVE-2024-1212CRITICALunder attack19 Mar 2024
LoadMaster Pre-Authenticated OS Command Injection
100RISK
open
Metasploit600
Progress Flowmon Local sudo privilege escalation
CVE-2024-2389CRITICAL19 Mar 2024
Flowmon Unauthenticated Command Injection Vulnerability
85RISK
open
Metasploit600
Gibbon School Platform Authenticated PHP Deserialization Vulnerability
CVE-2024-24725HIGH18 Mar 2024
Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POS
48RISK
open
Metasploit600
RaspberryMatic unauthenticated Remote Code Execution vulnerability through HMServer File Upload.
CVE-2024-24578CRITICAL16 Mar 2024
RaspberryMatic Unauthenticated Remote Code Execution vulnerability through HMServer File Upload
43RISK
open
Metasploit600
OpenMetadata authentication bypass and SpEL injection exploit chain
CVE-2024-28254HIGH15 Mar 2024
SpEL Injection in `GET /api/v1/events/subscriptions/validation/condition/<expr>` in OpenMetadata
48RISK
open
Metasploit600
OpenMetadata authentication bypass and SpEL injection exploit chain
CVE-2024-28255CRITICAL15 Mar 2024
Authentication Bypass in OpenMetadata
85RISK
open
Metasploit600
Ghostscript Command Execution via Format String
CVE-2024-29510MEDIUM14 Mar 2024
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with
33RISK
open
Metasploit600
WordPress wp-automatic Plugin SQLi Admin Creation
CVE-2024-27956CRITICAL13 Mar 2024
WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary SQL Execution vulnerability
85RISK
open
Metasploit300
CVE-2024-20767 - Adobe Coldfusion Arbitrary File Read
CVE-2024-20767HIGHunder attack12 Mar 2024
ColdFusion | Improper Access Control (CWE-284)
100RISK
open
Metasploit600
NorthStar C2 XSS to Agent RCE
CVE-2024-28741HIGH12 Mar 2024
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code
58RISK
open
Metasploit600
Artica Proxy Unauthenticated PHP Deserialization Vulnerability
CVE-2024-2054CRITICAL05 Mar 2024
Artica Proxy Unauthenticated PHP Deserialization Vulnerability
85RISK
open
Metasploit600
JetBrains TeamCity Unauthenticated Remote Code Execution
CVE-2024-27198CRITICALunder attackransomware04 Mar 2024
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
100RISK
open
Metasploit600
Judge0 sandbox escape
CVE-2024-28189CRITICAL04 Mar 2024
Judge0 vulnerable to Sandbox Escape Patch Bypass via chown running on Symbolic Link
43RISK
open
Metasploit600
Judge0 sandbox escape
CVE-2024-28185CRITICAL04 Mar 2024
Judge0 vulnerable to Sandbox Escape via Symbolic Link
43RISK
open
Metasploit600
pgAdmin Session Deserialization RCE
CVE-2024-2044CRITICAL04 Mar 2024
Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4
65RISK
open
Metasploit600
Apache Solr Backup/Restore APIs RCE
CVE-2023-50386HIGH24 Feb 2024
Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
58RISK
open
Metasploit600
Unauthenticated RCE in Bricks Builder Theme
CVE-2024-25600CRITICAL19 Feb 2024
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RISK
open
Metasploit600
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
CVE-2024-1708HIGHunder attackransomware19 Feb 2024
Improper limitation of a pathname to a restricted directory (“path traversal”)
100RISK
open
Metasploit600
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
CVE-2024-1709CRITICALunder attackransomware19 Feb 2024
Authentication bypass using an alternate path or channel
100RISK
open

We index only the public link to the proof of concept — we never host or redistribute exploitation code. Sources: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit and VulnCheck XDB. A public PoC existing does not mean the flaw is exploitable in your environment.