The Exploit Database

UUSEE ActiveX <6.11.0412.1 bu
Apache APISIX 2.12.1 - Remote
Google Chrome Denial Of Servic

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2022-03-18	Apache APISIX 2.12.1 - Remote Code Execution (RCE)	4555	REMOTE	Ven3xy
2021-04-06	Google Chrome 81.0.4044 V8 - Remote Code Execution	2403	REMOTE	Tobias Marcotto
2021-04-06	Google Chrome 86.0.4240 V8 - Remote Code Execution	968	REMOTE	Tobias Marcotto
2021-04-06	vsftpd 3.0.3 - Remote Denial of Service	710	REMOTE	xynmaps
2021-04-06	Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon)	610	REMOTE	F5
2021-03-12	Golden FTP Server 4.70 - 'PASS' Buffer Overflow	523	REMOTE	1F98D
2021-03-03	AnyDesk 5.5.2 - Remote Code Execution	608	REMOTE	scryh
2021-03-03	VMware vCenter Server 7.0 - Unauthenticated File Upload	591	REMOTE	Photubias
2021-03-03	WiFi Mouse 1.7.8.5 - Remote Code Execution	725	REMOTE	H4rk3nz0
2021-02-26	VMware vCenter 6.5 / 7.0 Remote Code Execution	838	REMOTE	calmness

Local Exploits

Date	Description		Plat.	Author
2022-03-14	Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe)	1089	LOCAL	Max Kellermann
2021-02-20	dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)	433	LOCAL	Kağan Çapar
2021-02-18	Microsoft Internet Explorer 11 32-bit - Use-After-Free	363	LOCAL	FORREST ORR
2020-01-22	NEOWISE CARBONFTP 1.4 - Weak Password Encryption	625	LOCAL	hyp3rlinx
2020-01-20	Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit)	398	LOCAL	bcoles
2019-01-03	Ayukov NFTP FTP Client 2.0 Buffer Overflow	1019	LOCAL	Uday Mittal
2018-12-28	Terminal Services Manager 3.1 Local Buffer Overflow	412	LOCAL	bzyo
2018-12-28	Iperius Backup 5.8.1 Buffer Overflow	366	LOCAL	bzyo
2018-12-28	MAGIX Music Editor 3.1 Buffer Overflow	326	LOCAL	bzyo
2018-12-25	Keybase keybase-redirector - '$PATH' Local Privilege Escalation	425	LOCAL	mirchr

Web Applications

Date	Description		Plat.	Author
2021-03-12	Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated)	1582	WEB	Richard Jones
2021-03-12	Atlassian JIRA 8.11.1 - User Enumeration	515	WEB	Dolev Farhi
2021-03-12	Joomla JCK Editor 6.4.4 - 'parent' SQL Injection	666	WEB	Nicholas Ferreira
2021-03-12	Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)	611	WEB	Christian Vierschilling
2021-03-03	Zen Cart 1.5.7b - Remote Code Execution (Authenticated)	335	WEB	Mucahit Saratar
2021-03-03	Tiny Tiny RSS - Remote Code Execution	328	WEB	Daniel Neagaru
2021-03-03	Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated)	285	WEB	Christian Vierschilling
2021-03-03	Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated)	307	WEB	Christian Vierschilling
2021-03-03	FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)	535	WEB	Berkan Er
2020-01-22	Centreon 19.04 - Authenticated Remote Code Execution (Metasploit)	708	WEB	TheCyberGeek

DoS/PoC

Date	Description		Plat.	Author
2021-03-12	Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)	600	DOS	Enes Özeser
2020-01-22	Sysax Multi Server 5.50 - Denial of Service (PoC)	526	DOS	Shailesh Kumavat
2019-01-03	EZ CD Audio Converter 8.0.7 Denial Of Service	513	DOS	Achilles
2019-01-03	NetworkSleuth 3.0.0.0 Denial Of Service	397	DOS	Luis Martinez
2019-01-03	NBMonitor Network Bandwidth Monitor 1.6.5.0 Denial Of Service	408	DOS	Luis Martinez
2018-12-29	WebKit JSC AbstractValue::set Use-After-Free	369	DOS	lokihardt
2018-12-29	WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write	359	DOS	lokihardt
2018-12-28	Armitage 1.14.11 Denial Of Service	330	DOS	Mr Winst0n
2018-12-28	NetShareWatcher 1.5.8 Denial Of Service	261	DOS	T3jv1l
2018-12-28	ShareAlarmPro 2.1.4 Denial Of Service	298	DOS	T3jv1l

Shellcode

Date	Description		Plat.	Author
2018-12-25	Linux/x86 - Kill All Processes Shellcode (14 bytes)	1386	SHELLCODE	strider
2018-12-20	Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)	431	SHELLCODE	Kağan Çapar
2018-12-12	Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95	475	SHELLCODE	T3jv1l
2018-12-05	Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)	402	SHELLCODE	Kağan Çapar
2018-12-05	Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)	334	SHELLCODE	Nelis
2018-11-14	Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shel	577	SHELLCODE	Javier Tello
2018-11-01	Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)	599	SHELLCODE	Roziul Hasan Khan Shifat
2018-10-25	Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes	351	SHELLCODE	Goutham Madhwaraj
2018-10-09	Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shel	387	SHELLCODE	cq674350529
2018-10-09	Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 byt	339	SHELLCODE	Kartik Durg

Papers

Date	Description		Plat.	Author
2018-11-16	The Powerful Resource of PHP Stream Wrappers	590	PAPERS	Netsparker
2018-11-01	Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam	531	PAPERS	phrack
2018-10-09	A Red Teamer’s guide to pivoting	428	PAPERS	Artem Kondratenko
2018-10-08	Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)	1468	PAPERS	phrack
2018-01-15	Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata	1348	PAPERS	phrack
2017-08-28	Abusing Token Privileges For LPE	820	PAPERS	drone and breenmachine
2017-01-12	OpenSSL - Weak KDF	922	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	688	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	641	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	849	PAPERS	CWH Underground