Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2017-04-21   Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit 9 REMOTE Todor Donev
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 Session Generation Authenticat 5 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Informat 4 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 logoff.cgi Directory Traversal 3 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 admin_sys_time.cgi Remote Code 4 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 admin_sys_time.cgi Remote Code 2 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 detected_potential_files.cgi R 2 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 dlp_policy_upload.cgi Remote C 2 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 hotfix_upload.cgi Remote Code 2 REMOTE mr_me
2017-04-20   Trend Micro Threat Discovery Appliance 2.6.1062r1 log_query_dae.cgi Remote Code 2 REMOTE mr_me

Local Exploits

Date D   Description Plat. Author
2017-04-21   VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Esca 0 LOCAL Google Security Research
2017-04-21   Microsoft Windows 10 10586 - IEETWCollector Arbitrary Directory/File Deletion Pr 1 LOCAL Google Security Research
2017-04-19   VirtualBox Unprivilege Host User To Host Kernel Privilege Escalation 5 LOCAL jannh
2017-04-19   Microsoft Windows taskschd.msc Privilege Escalation 6 LOCAL Todor Donev
2017-04-18   VirusChaser 8.0 - Buffer Overflow (SEH) 1 LOCAL 0x41Li
2017-04-18   Linux Kernel 4.8.0 UDEV < 232 - Privilege Escalation 4 LOCAL Nassim Asrir
2017-04-14   PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Local Kernel Exploit 2 LOCAL Hacker Fantastic
2017-04-13   GNS3 Mac OS-X 1.5.2 - 'ubridge' Privilege Escalation 0 LOCAL Hacker Fantastic
2017-04-13   Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation 3 LOCAL Hacker Fantastic
2017-04-13   Adobe Creative Cloud Desktop Application 4.0.0.185 Privilege Escalation 1 LOCAL hyp3rlinx

Web Applications

Date D   Description Plat. Author
2017-04-21   Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'operationSpreadGeneric' Universa 3 WEB Google Security Research
2017-04-21   Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructu 1 WEB Google Security Research
2017-04-19   WebKit operationSpreadGeneric Universal Cross Site Scripting 1 WEB lokihardt
2017-04-18   Mantis Bug Tracker 1.3.0/2.3.0 - Password Reset 4 WEB hyp3rlinx
2017-04-18   Huawei HG532n Command Injection 4 WEB Ahmed S. Darwish
2017-04-14   Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit) 2 WEB Peter Lapp
2017-04-13   PCMAN FTP Server 2.0.7 ACCT Buffer Overflow 3 WEB Cybernetic
2017-04-13   XiongMai uc-http 1.0.0 Local File Inclusion / Directory Traversal 4 WEB Project Insecurity
2017-04-12   Apple WebKit / Safari 10.0.3 (12602.4.8) - Universal Cross-Site Scripting via a 2 WEB Google Security Research
2017-04-12   Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross 0 WEB Google Security Research

DoS/PoC

Date D   Description Plat. Author
2017-04-20   OpenText Documentum Content Server Privilege Evaluation 4 DOS Andrey B. Panfilov
2017-04-20   Microsoft RTF Remote Code Execution 4 DOS Bhadresh Patel
2017-04-19   pinfo 0.6.9 - Local Buffer Overflow 4 DOS Nassim Asrir
2017-04-18   Microsoft Windows - Uncredentialed SMB RCE (MS17-010) (Metasploit) 8 DOS Sean Dillon
2017-04-18   WinSCP 5.9.4 - 'LIST' Denial of Service (Metasploit) 1 DOS mohammed Mohammed
2017-04-14   Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disc 3 DOS Google Security Research
2017-04-12   Apple WebKit - 'JSC::SymbolTableEntry::isWatchable' Heap Buffer Overflow 0 DOS Google Security Research
2017-04-12   Apple WebKit - 'Document::adoptNode' Use-After-Free 1 DOS Google Security Research
2017-04-12   Apple WebKit - 'JSC::B3::Procedure::resetReachability' Use-After-Free 0 DOS Google Security Research
2017-04-07   CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC) 7 DOS redr2e

Shellcode

Date D   Description Plat. Author
2017-04-14   Linux/x86-64 - execve("/bin/sh") Shellcode (31 bytes) 8 SHELLCODE WangYihang
2017-04-07   Windows 10 x64 - Egghunter Shellcode (45 bytes) 18 SHELLCODE Peter Baris
2017-03-30   Linux/x86 - execve(/bin/sh") Shellcode (19 bytes) 9 SHELLCODE WangYihang
2017-03-29   Linux/x86-64 - execve("/bin/sh") Shellcode (21 Bytes) 11 SHELLCODE WangYihang
2017-03-27   Linux/x86 - Reverse /bin/bash Shellcode (110 bytes) 7 SHELLCODE JR0ch17
2017-03-20   Linux/x86 - File Reader Shellcode (54 Bytes) 7 SHELLCODE WangYihang
2017-03-20   Linux/x86 - Bind Shell Shellcode (42 bytes) 10 SHELLCODE Oleg Boytsev
2017-03-20   Linux/x86 - Encoded exceve("/bin/sh") Shellcode (44 Bytes) 9 SHELLCODE WangYihang
2017-03-13   Windows x86 - Hide Console Window Shellcode (182 bytes) 15 SHELLCODE Ege Balci
2017-03-06   Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode (106 bytes) 8 SHELLCODE Robert L. Taylor

Papers

Date D   Description Plat. Author
2017-01-12   OpenSSL - Weak KDF 30 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 124 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 100 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 230 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 135 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 119 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 156 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 405 PAPERS admin