Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2018-05-18   Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit) 16 REMOTE icez
2018-05-18   Jenkins CLI - HTTP Java Deserialization (Metasploit) 4 REMOTE Ivan
2018-05-18   Nanopool Claymore Dual Miner 7.3 - Remote Code Execution 4 REMOTE ReverseBrain
2018-05-18   Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution 3 REMOTE neonsea
2018-05-16   WhatsApp 2.18.31 iOS Memory Corruption 8 REMOTE Juan Sacco
2018-05-14   Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution 16 REMOTE vportal
2018-05-09   FTPShell Client 6.7 - Buffer Overflow 32 REMOTE r4wd3r
2018-05-03   TBK DVR4104 / DVR4216 - Credentials Leak 35 REMOTE ezelf
2018-05-03   GPON Routers - Authentication Bypass / Command Injection 24 REMOTE vpnmentor
2018-05-03   Exim < 4.90.1 - 'base64d' Remote Code Execution 20 REMOTE straight_blast

Local Exploits

Date D   Description Plat. Author
2018-05-18   AF_PACKET packet_set_ring Privilege Escalation 12 LOCAL Brendan Coles
2018-05-14   Libuser roothelper Privilege Escalation 7 LOCAL Brendan Coles
2018-05-14   EMC RecoverPoint 4.3 - 'Admin CLI' Command Injection 3 LOCAL Paul Taylor
2018-05-10   Microsoft Windows FxCop 12 XXE Injection 17 LOCAL hyp3rlinx
2018-05-10   FxCop 10/12 - XML External Entity Injection 9 LOCAL hyp3rlinx
2018-05-10   GNU wget - Cookie Injection 8 LOCAL Harry Sintonen
2018-05-07   DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH) 10 LOCAL hyp3rlinx
2018-05-07   Windows WMI - Recieve Notification Exploit 10 LOCAL de7ec7ed
2018-05-03   Windows - Local Privilege Escalation 39 LOCAL XPN
2018-05-03   Adobe Reader PDF - Client Side Request Injection 21 LOCAL Alex Inführ

Web Applications

Date D   Description Plat. Author
2018-05-18   Intelbras NCLOUD 300 1.0 - Authentication bypass 6 WEB Pedro Aguiar
2018-05-10   Mantis manage_proj_page PHP Code Execution 13 WEB Lars Sorenson
2018-05-08   Palo Alto Networks readSessionVarsFromFile() Session Corruption 15 WEB hdm
2018-05-08   PlaySMS import.php Code Execution 17 WEB Touhid M.Shaikh
2018-05-08   PlaySMS sendfromfile.php Code Execution 12 WEB DarkS3curity
2018-05-07   WordPress Plugin User Role Editor < 4.25 - Privilege Escalation 15 WEB Tomislav Paskalev
2018-05-07   Apache Struts2 2.0.0 < 2.3.15 - Prefixed Parameters OGNL Injection 17 WEB Takeshi Terada
2018-05-03   Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root 11 WEB Jared Arave
2018-05-03   Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code 13 WEB SixP4ck3r
2018-05-03   osCommerce Installer Unauthenticated Code Execution 10 WEB Daniel Teixeira

DoS/PoC

Date D   Description Plat. Author
2018-05-18   Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in c 9 DOS Google Security Research
2018-05-15   2345 Security Guard 3.7 - '2345NsProtect.sys' Denial of Service 3 DOS anhkgg
2018-05-11   Dell Touchpad - 'ApMsgFwd.exe' Denial of Service 1 DOS Souhail Hammou
2018-05-10   Allok Video Splitter 3.1.12.17 - Denial of Service 11 DOS Achilles
2018-05-09   2345 Security Guard 3.7 - Denial of Service 9 DOS anhkgg
2018-05-07   HWiNFO 5.82-3410 - Denial of Service 8 DOS bzyo
2018-05-03   Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free 16 DOS SecuriTeam
2018-05-03   Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of S 11 DOS Tenable NS
2018-05-03   WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free 8 DOS Google Security Research
2018-05-03   Apple macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MI 11 DOS Google Security Research

Shellcode

Date D   Description Plat. Author
2018-05-15   Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes 7 SHELLCODE Paolo Perego
2018-05-11   Linux/x86 - Read /etc/passwd Shellcode (62 bytes) 3 SHELLCODE Nuno Freitas
2018-05-10   Linux/x86 - Bind TCP (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes) 8 SHELLCODE Amine Kanane
2018-05-07   Linux/x86 - execve(/bin/sh) NOT Encoded Shellcode (27 bytes) 6 SHELLCODE Nuno Freitas
2018-04-25   Linux/x86 - execve(/bin/sh) + ROT-13 + RShift-2 + XOR Encoded Shellcode (44 byte 13 SHELLCODE Nuno Freitas
2018-04-25   Linux/x86 - execve(cp /bin/sh /tmp/sh; chmod +s /tmp/sh) + Null-Free Shellcode ( 7 SHELLCODE absolomb
2018-04-25   Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes) 7 SHELLCODE absolomb
2018-04-25   Linux/x86 - Reverse TCP (127.1.1.1:5555/TCP) Shell Shellcode (73 Bytes) 9 SHELLCODE Anurag Srivastava
2018-04-25   Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) For Full Access + Nu 7 SHELLCODE absolomb
2018-04-25   Linux/x86 - Bind TCP (1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 bytes) 7 SHELLCODE Anurag Srivastava

Papers

Date D   Description Plat. Author
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 135 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 177 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 159 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 236 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 245 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 357 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 248 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 213 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 318 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 710 PAPERS admin