Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2022-03-18   Apache APISIX 2.12.1 - Remote Code Execution (RCE) 4267 REMOTE Ven3xy
2021-04-06   Google Chrome 81.0.4044 V8 - Remote Code Execution 2338 REMOTE Tobias Marcotto
2021-04-06   Google Chrome 86.0.4240 V8 - Remote Code Execution 936 REMOTE Tobias Marcotto
2021-04-06   vsftpd 3.0.3 - Remote Denial of Service 680 REMOTE xynmaps
2021-04-06   Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) 557 REMOTE F5
2021-03-12   Golden FTP Server 4.70 - 'PASS' Buffer Overflow 501 REMOTE 1F98D
2021-03-03   AnyDesk 5.5.2 - Remote Code Execution 585 REMOTE scryh
2021-03-03   VMware vCenter Server 7.0 - Unauthenticated File Upload 569 REMOTE Photubias
2021-03-03   WiFi Mouse 1.7.8.5 - Remote Code Execution 694 REMOTE H4rk3nz0
2021-02-26   VMware vCenter 6.5 / 7.0 Remote Code Execution 818 REMOTE calmness

Local Exploits

Date D   Description Plat. Author
2022-03-14   Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe) 1021 LOCAL Max Kellermann
2021-02-20   dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC) 423 LOCAL Kağan Çapar
2021-02-18   Microsoft Internet Explorer 11 32-bit - Use-After-Free 344 LOCAL FORREST ORR
2020-01-22   NEOWISE CARBONFTP 1.4 - Weak Password Encryption 611 LOCAL hyp3rlinx
2020-01-20   Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit) 384 LOCAL bcoles
2019-01-03   Ayukov NFTP FTP Client 2.0 Buffer Overflow 1007 LOCAL Uday Mittal
2018-12-28   Terminal Services Manager 3.1 Local Buffer Overflow 396 LOCAL bzyo
2018-12-28   Iperius Backup 5.8.1 Buffer Overflow 345 LOCAL bzyo
2018-12-28   MAGIX Music Editor 3.1 Buffer Overflow 314 LOCAL bzyo
2018-12-25   Keybase keybase-redirector - '$PATH' Local Privilege Escalation 413 LOCAL mirchr

Web Applications

Date D   Description Plat. Author
2021-03-12   Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated) 1518 WEB Richard Jones
2021-03-12   Atlassian JIRA 8.11.1 - User Enumeration 484 WEB Dolev Farhi
2021-03-12   Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 628 WEB Nicholas Ferreira
2021-03-12   Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated) 583 WEB Christian Vierschilling
2021-03-03   Zen Cart 1.5.7b - Remote Code Execution (Authenticated) 311 WEB Mucahit Saratar
2021-03-03   Tiny Tiny RSS - Remote Code Execution 311 WEB Daniel Neagaru
2021-03-03   Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated) 270 WEB Christian Vierschilling
2021-03-03   Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated) 289 WEB Christian Vierschilling
2021-03-03   FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit) 518 WEB Berkan Er
2020-01-22   Centreon 19.04 - Authenticated Remote Code Execution (Metasploit) 689 WEB TheCyberGeek

DoS/PoC

Date D   Description Plat. Author
2021-03-12   Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC) 571 DOS Enes Özeser
2020-01-22   Sysax Multi Server 5.50 - Denial of Service (PoC) 512 DOS Shailesh Kumavat
2019-01-03   EZ CD Audio Converter 8.0.7 Denial Of Service 501 DOS Achilles
2019-01-03   NetworkSleuth 3.0.0.0 Denial Of Service 383 DOS Luis Martinez
2019-01-03   NBMonitor Network Bandwidth Monitor 1.6.5.0 Denial Of Service 393 DOS Luis Martinez
2018-12-29   WebKit JSC AbstractValue::set Use-After-Free 354 DOS lokihardt
2018-12-29   WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write 340 DOS lokihardt
2018-12-28   Armitage 1.14.11 Denial Of Service 307 DOS Mr Winst0n
2018-12-28   NetShareWatcher 1.5.8 Denial Of Service 247 DOS T3jv1l
2018-12-28   ShareAlarmPro 2.1.4 Denial Of Service 286 DOS T3jv1l

Shellcode

Date D   Description Plat. Author
2018-12-25   Linux/x86 - Kill All Processes Shellcode (14 bytes) 1354 SHELLCODE strider
2018-12-20   Linux/x64 - Disable ASLR Security Shellcode (93 Bytes) 414 SHELLCODE Kağan Çapar
2018-12-12   Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 464 SHELLCODE T3jv1l
2018-12-05   Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes) 386 SHELLCODE Kağan Çapar
2018-12-05   Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes) 319 SHELLCODE Nelis
2018-11-14   Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shel 567 SHELLCODE Javier Tello
2018-11-01   Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator) 577 SHELLCODE Roziul Hasan Khan Shifat
2018-10-25   Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes 339 SHELLCODE Goutham Madhwaraj
2018-10-09   Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shel 365 SHELLCODE cq674350529
2018-10-09   Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 byt 325 SHELLCODE Kartik Durg

Papers

Date D   Description Plat. Author
2018-11-16   The Powerful Resource of PHP Stream Wrappers 571 PAPERS Netsparker
2018-11-01   Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam 502 PAPERS phrack
2018-10-09   A Red Teamer’s guide to pivoting 410 PAPERS Artem Kondratenko
2018-10-08   Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise) 1445 PAPERS phrack
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 1331 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 809 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 912 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 670 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 629 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 834 PAPERS CWH Underground