
The Exploit Database


The Exploit Database (EDB) is an ultimate archive of exploits and vulnerable software, and a great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submissions and mailing lists and concentrate them in one easy-to-navigate database.


Remote Exploits

Date D   Description Plat. Author
2017-05-25   Samba is_known_pipename() Arbitrary Module Load 30 REMOTE hdm
2017-05-22   Pegasus 4.72 Build 572 Remote Code Execution 9 REMOTE hyp3rlinx
2017-05-22   Secure Auditor 3.0 - Directory Traversal 2 REMOTE hyp3rlinx
2017-05-22   Microsoft Windows 7/2008 R2 (x64) - 'EternalBlue' SMB Remote Code Execut 20 REMOTE sleepya
2017-05-22   Microsoft Windows 8/2012 R2 (x64) - 'EternalBlue' SMB Remote Code Execut 12 REMOTE sleepya
2017-05-18   Oracle PeopleSoft - XML External Entity to SYSTEM Remote Code Execution 18 REMOTE Ambionics Security
2017-05-18   BuilderEngine 3.5.0 - Arbitrary File Upload and Execution (Metasploit) 4 REMOTE Marco Rivoli
2017-05-18   WordPress PHPMailer 4.6 - Host Header Command Injection (Metasploit) 6 REMOTE wvu
2017-05-18   Serviio Media Server - checkStreamUrl Command Execution (Metasploit) 2 REMOTE Brendan Coles
2017-05-18   Dup Scout Enterprise 9.5.14 - GET Buffer Overflow (Metasploit) 6 REMOTE Daniel Teixeira

Local Exploits

Date D   Description Plat. Author
2017-05-25   Dup Scout Enterprise 9.7.18 - '.xml' Local Buffer Overflow 4 LOCAL ScrR1pTK1dd13
2017-05-24   KDE 4/5 - 'KAuth' Privilege Escalation 0 LOCAL Stealth
2017-05-23   VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privil 2 LOCAL Google Security Research
2017-05-18   Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privileg 10 LOCAL Google Security Research
2017-05-15   Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi S 12 LOCAL Andrey Konovalov
2017-05-15   Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege 4 LOCAL Andrey Konovalov
2017-05-12   Linux Kernel 4.8.0 - Packet Socket Local root Privilege Escalation 4 LOCAL Andrey Konovalov
2017-05-09   Gemalto SmartDiag Diagnosis Tool < 2.5 - Buffer Overflow (SEH) 1 LOCAL Majid Alqabandi
2017-05-05   Ghostscript 9.21 - Type Confusion Arbitrary Command Execution (Metasploit) 3 LOCAL hdm
2017-04-26   LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation 9 LOCAL G. Geshev

Web Applications

Date D   Description Plat. Author
2017-05-25   NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion 4 WEB f3ci
2017-05-23   VX Search Enterprise GET Buffer Overflow 2 WEB Daniel Teixeira
2017-05-23   Sync Breeze Enterprise GET Buffer Overflow 2 WEB Daniel Teixeira
2017-05-23   MediaWiki SyntaxHighlight Extension Option Injection 1 WEB Yorick Koster
2017-05-22   Mantis Bug Tracker 1.3.10/2.3.0 - Cross-Site Request Forgery 2 WEB hyp3rlinx
2017-05-15   miniupnpc 2.0.20170421 Denial Of Service 2 WEB oststrom
2017-05-11   ASUS Routers CSRF / Information Disclosure 12 WEB Yakov Shafranovich
2017-05-10   LogRhythm Network Monitor - Authentication Bypass / Command Injection 6 WEB Francesco Oddo
2017-05-05   WordPress 4.6 - Unauthenticated Remote Code Execution 29 WEB Dawid Golunski
2017-05-05   Serviio PRO 1.8 DLNA Media Streaming Server - REST API Arbitrary Code Execution 5 WEB LiquidWorm

DoS/PoC

Date D   Description Plat. Author
2017-05-24   Apple macOS - Local Privilege Escalation Due to Lack of Bounds Checking in HISer 1 DOS Google Security Research
2017-05-24   Apple iOS/macOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in net 1 DOS Google Security Research
2017-05-24   Apple iOS/macOS Kernel - Use-After-Free Due to Bad Locking in Unix Domain Socket 1 DOS Google Security Research
2017-05-23   Linux Kernel 4.11 - eBPF Verifier Log Leaks Lower Half of map Pointer 2 DOS Google Security Research
2017-05-22   Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC) 1 DOS Chance Johnson
2017-05-18   Apple iOS < 10.3.2 - Notifications API Denial of Service 3 DOS CoffeeBreakers
2017-05-17   Mozilla Firefox 55 Denial Of Service 4 DOS Brian Carpenter
2017-05-16   Microsoft Windows 7 Kernel - 'win32k!xxxClientLpkDrawTextEx' Stack Memory Disclo 5 DOS Google Security Research
2017-05-16   Microsoft Windows 10 Kernel - nt!NtTraceControl (EtwpSetProviderTraits) Pool Mem 2 DOS Google Security Research
2017-05-16   Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor 6 DOS Google Security Research

Shellcode

Date D   Description Plat. Author
2017-05-18   Windows x32 / Windows x64 - cmd.exe Shellcode (718 bytes) 17 SHELLCODE Filippo Bersani
2017-05-09   Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes) 7 SHELLCODE Srakai
2017-05-09   Linux/x86 - Disable ASLR Shellcode (80 bytes) 1 SHELLCODE abatchy17
2017-04-24   Linux/x86 - Egg-hunter Shellcode (18 bytes) 4 SHELLCODE phackt_ul
2017-04-14   Linux/x86-64 - execve("/bin/sh") Shellcode (31 bytes) 14 SHELLCODE WangYihang
2017-04-07   Windows 10 x64 - Egghunter Shellcode (45 bytes) 36 SHELLCODE Peter Baris
2017-03-30   Linux/x86 - execve("/bin/sh") Shellcode (19 bytes) 16 SHELLCODE WangYihang
2017-03-29   Linux/x86-64 - execve("/bin/sh") Shellcode (21 Bytes) 13 SHELLCODE WangYihang
2017-03-27   Linux/x86 - Reverse /bin/bash Shellcode (110 bytes) 11 SHELLCODE JR0ch17
2017-03-20   Linux/x86 - File Reader Shellcode (54 Bytes) 8 SHELLCODE WangYihang

Papers

Date D   Description Plat. Author
2017-01-12   OpenSSL - Weak KDF 38 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 128 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 106 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 233 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 140 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 121 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 162 PAPERS LaNMaSteR53
2011-04-27   Offsec Official Penetration Test Report 422 PAPERS admin