Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2016-12-07   Microsoft Internet Explorer jscript9 - JavaScriptStackWalker Memory Corruption ( 3 REMOTE Skylined
2016-12-05   Alcatel Lucent Omnivista 8770 - Remote Code Execution 5 REMOTE malerisch
2016-12-05   BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution 1 REMOTE Jeremy Brown
2016-12-05   Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution 1 REMOTE David Jorm
2016-12-02   Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow 6 REMOTE vportal
2016-12-02   PDF Shaper Buffer Overflow 5 REMOTE metacom
2016-11-29   Android - 'BadKernel' Remote Code Execution 6 REMOTE Guang Gong
2016-11-29   Disk Pulse Enterprise 9.1.16 - Buffer Overflow 0 REMOTE Tulpa
2016-11-29   Disk Savvy Enterprise 9.1.14 - Buffer Overflow 1 REMOTE Tulpa
2016-11-29   Disk Sorter Enterprise 9.1.12 - Buffer Overflow 0 REMOTE Tulpa

Local Exploits

Date D   Description Plat. Author
2016-12-07   Microsoft PowerShell - XML External Entity Injection 4 LOCAL hyp3rlinx
2016-12-07   Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Priv 5 LOCAL rebel
2016-12-06   Apache CouchDB 2.0.0 - Local Privilege Escalation 1 LOCAL hyp3rlinx
2016-12-06   Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection 2 LOCAL hyp3rlinx
2016-12-06   Microsoft Event Viewer 1.0 - XML External Entity Injection 1 LOCAL hyp3rlinx
2016-12-05   Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Inje 5 LOCAL hyp3rlinx
2016-12-05   Microsoft Excel Starter 2010 - XML External Entity Injection 4 LOCAL hyp3rlinx
2016-12-05   Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection 3 LOCAL hyp3rlinx
2016-12-02   Windows Escalate UAC Protection Bypass 5 LOCAL OJ Reeves
2016-12-02   Opera foreignObject textNode::removeChild Use-After-Free 1 LOCAL SkyLined

Web Applications

Date D   Description Plat. Author
2016-12-02   MS Edge CMarkup::EnsureDeleteCFState Use-After-Free 4 WEB SkyLined
2016-11-30   Google Chrome Accessibility blink::Node Corruption 4 WEB SkyLined
2016-11-28   Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting 1 WEB Joaquin Ramirez Martinez
2016-11-24   Chrome Blink SpeechRecognitionController Use-After-Free 2 WEB SkyLined
2016-11-18   Microsoft Internet Explorer 8 Javascript RegExpBase::FBadHeader Use-After-Free 5 WEB SkyLined
2016-11-16   phpWebAdmin 1.0 SQL Injection 28 WEB N_A
2016-11-15   Boonex Dolphin 7.3.2 - Authentication Bypass / Remote Code Execution 7 WEB 0x4148
2016-11-14   Schoolhos CMS 2.29 - Remote Code Execution / SQL Injection 7 WEB 0x4148
2016-11-14   InvoicePlane 1.4.8 - Password Reset 3 WEB feedersec
2016-11-11   e107 CMS 2.1.2 - Privilege Escalation 17 WEB Kacper Szurek

DoS/PoC

Date D   Description Plat. Author
2016-12-07   Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC) 4 DOS Jeremy Brown
2016-12-07   Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption (MS16- 3 DOS Skylined
2016-12-07   Microsoft Internet Explorer 9 - CDoc::ExecuteScriptUri Use-After-Free (MS13-009) 3 DOS Skylined
2016-12-07   Microsoft Edge - CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125) 3 DOS Skylined
2016-12-07   Microsoft Edge - JSON.parse Info Leak 3 DOS Google Security Research
2016-12-06   DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow 3 DOS vportal
2016-12-06   Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) 2 DOS vportal
2016-12-06   NetCat 0.7.1 - Denial of Service 4 DOS n30m1nd
2016-12-02   ntpd 4.2.8 Stack Overflow Proof Of Concept 3 DOS N_A
2016-12-01   Xitami Web Server 5.0a0 - Denial of Service 1 DOS Stefan Petrushevski

Shellcode

Date D   Description Plat. Author
2016-12-07   Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes) 3 SHELLCODE Filippo Bersani
2016-11-28   Linux/x86 - Egg-hunter Shellcode (25 bytes) 6 SHELLCODE Filippo Bersani
2016-11-24   Windows x64 - Download & Execute Shellcode (358 bytes) 6 SHELLCODE Roziul Hasan Khan Shifat
2016-11-23   Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) 3 SHELLCODE Ashiyane Digital Security Team
2016-11-21   Windows x64 - Reverse Shell TCP Shellcode (694 bytes) 4 SHELLCODE Roziul Hasan Khan Shifat
2016-10-18   Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes) 21 SHELLCODE Fugu
2016-10-18   Windows x64 - WinExec() Shellcode (93 bytes) 14 SHELLCODE Roziul Hasan Khan Shifat
2016-09-18   Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes) 39 SHELLCODE Sean Dillon
2016-09-14   Windows x86 - Password Protected TCP Bind Shell (637 bytes) 33 SHELLCODE Roziul Hasan Khan Shifat
2016-09-09   Windows x86 - Bind Shell TCP Shellcode 20 SHELLCODE Roziul Hasan Khan Shifat

Papers

Date D   Description Plat. Author
2014-08-27   SSDP Amplification Scanner 108 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 86 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 219 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 123 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 108 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 143 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 355 PAPERS admin