The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one easy-to-navigate database.


Remote Exploits

Date D   Description Plat. Author
2017-06-20   Mikrotik RouterOS 6.28 Cookie Buffer Overflow 23 REMOTE sultan albalawi
2017-06-20   Mikrotik RouterOS 6.39.2 FTP CWD Buffer Overflow 5 REMOTE sultan albalawi
2017-06-19   Easy File Sharing Web Server 7.2 - 'POST' Buffer Overflow (DEP Bypass) 4 REMOTE bl4ck h4ck3r
2017-06-15   HP PageWide Printers / HP OfficeJet Pro Printers (OfficeJet Pro 8210) - Arbitrar 3 REMOTE Jacob Baines
2017-06-15   Google Chrome - V8 Private Property Arbitrary Code Execution 7 REMOTE Qihoo360
2017-06-14   Easy File Sharing Web Server 7.2 - 'POST' Buffer Overflow 7 REMOTE Touhid M.Shaikh
2017-06-13   Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution 9 REMOTE agix
2017-06-13   EFS Easy Chat Server 3.1 - Buffer Overflow (SEH) 0 REMOTE Aitezaz Mohsin
2017-06-13   VMware vSphere Data Protection 5.x/6.x - Java Deserialization 5 REMOTE Kelly Correll
2017-06-08   Mikrotik RouterOS 6.28 FTP Buffer Overflow 11 REMOTE sultan albalawi

Local Exploits

Date D   Description Plat. Author
2017-06-16   Sudo - 'get_process_ttyname()' Privilege Escalation 8 LOCAL Qualys Corporation
2017-06-16   VX Search Enterprise 9.7.18 - Local Buffer Overflow 0 LOCAL ScrR1pTK1dd13
2017-06-14   Easy MOV Converter 1.4.24 - 'Enter User Name' Buffer Overflow (SEH) 1 LOCAL abatchy17
2017-06-14   Disk Pulse 9.7.26 - 'Add Directory' Local Buffer Overflow 2 LOCAL abatchy17
2017-06-13   Sync Breeze 9.7.26 - 'Add Exclude Directory' Local Buffer Overflow 6 LOCAL abatchy17
2017-06-13   DiskBoss 8.0.16 - 'Input Directory' Local Buffer Overflow 0 LOCAL abatchy17
2017-06-13   Disk Sorter 9.7.14 - 'Input Directory' Local Buffer Overflow 0 LOCAL abatchy17
2017-06-13   Apple macOS - Disk Arbitration Daemon Race Condition 0 LOCAL phoenhex
2017-06-13   Apple macOS 10.12.3 / iOS < 10.3.2 - Userspace Entitlement Checking Race Conditi 3 LOCAL Google Security Research
2017-06-08   Windows UAC Protection Bypass (Via FodHelper Registry Key) 15 LOCAL amaloteaux

Web Applications

Date D   Description Plat. Author
2017-06-22   PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution 7 WEB phackt_ul
2017-06-20   D-Link ADSL DSL-2640B SEA_1.01 Unauthenticated Remote DNS Changer 9 WEB Todor Donev
2017-06-20   D-Link DSL-2640B - Unauthenticated Remote DNS Change 5 WEB Todor Donev
2017-06-20   D-Link DSL-2640U - Unauthenticated DNS Change 3 WEB Todor Donev
2017-06-20   Beetel BCM96338 Router - Unauthenticated DNS Change 3 WEB Todor Donev
2017-06-20   UTstarcom WA3002G4 - Unauthenticated DNS Change 3 WEB Todor Donev
2017-06-20   iBall Baton iB-WRA150N - Unauthenticated DNS Change 2 WEB Todor Donev
2017-06-16   Aerohive HiveOS 5.1r5 < 6.1r5 - Remote Code Execution 4 WEB Ike-Clinton
2017-06-14   MyBB 1.8.12 Stored XSS / File Enumeration 2 WEB MLT
2017-06-13   EFS Easy Chat Server 3.1 - Password Reset 0 WEB Aitezaz Mohsin

DoS/PoC

Date D   Description Plat. Author
2017-06-23   Microsoft Windows - 'nt!NtQueryInformationTransaction (information class 1)' Ker 6 DOS Google Security Research
2017-06-23   Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 28)' Kern 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'nt!NtQueryInformationJobObject (information class 12)' Kern 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessVmCounters)' Kernel St 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'nt!NtQueryInformationJobObject (BasicLimitInformation, Exte 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'win32k!ClientPrinterThunk' Kernel Stack Memory Disclosure 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'win32k!NtGdiGetRealizationInfo' Kernel Stack Memory Disclos 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'win32k!NtGdiGetTextMetricsW' Kernel Stack Memory Disclosure 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'win32k!NtGdiGetOutlineTextMetricsInternalW' Kernel Stack Me 4 DOS Google Security Research
2017-06-23   Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure 5 DOS Google Security Research

Shellcode

Date D   Description Plat. Author
2017-06-22   Linux/x86 - Reverse UDP Shellcode (668 bytes) 3 SHELLCODE DONTON Fetenat C
2017-06-16   Linux/x86_64 - execve("/bin/sh") Shellcode (24 bytes) 7 SHELLCODE m4n3dw0lf
2017-06-16   Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes) 1 SHELLCODE nullparasite
2017-06-07   Linux/x86-64 - /bin/sh Shellcode (31 bytes) 10 SHELLCODE Touhid M.Shaikh
2017-05-18   Windows x32 / Windows x64 - cmd.exe Shellcode (718 bytes) 41 SHELLCODE Filippo Bersani
2017-05-09   Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes) 14 SHELLCODE Srakai
2017-05-09   Linux/x86 - Disable ASLR Shellcode (80 bytes) 3 SHELLCODE abatchy17
2017-04-24   Linux/x86 - Egg-hunter Shellcode (18 bytes) 4 SHELLCODE phackt_ul
2017-04-14   Linux/x86-64 - execve("/bin/sh") Shellcode (31 bytes) 14 SHELLCODE WangYihang
2017-04-07   Windows 10 x64 - Egghunter Shellcode (45 bytes) 46 SHELLCODE Peter Baris

Papers

Date D   Description Plat. Author
2017-01-12   OpenSSL - Weak KDF 47 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 130 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 108 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 235 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 142 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 122 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 170 PAPERS LaNMaSteR53
2011-04-27   offsec Official Penetration Testing Report 440 PAPERS admin