Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2021-03-03   AnyDesk 5.5.2 - Remote Code Execution 2 REMOTE scryh
2021-03-03   VMware vCenter Server 7.0 - Unauthenticated File Upload 4 REMOTE Photubias
2021-03-03   WiFi Mouse 1.7.8.5 - Remote Code Execution 0 REMOTE H4rk3nz0
2021-02-26   VMware vCenter 6.5 / 7.0 Remote Code Execution 35 REMOTE calmness
2021-02-26   Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module) 12 REMOTE Matthew Dunn
2021-02-26   ASUS Remote Link 1.1.2.13 - Remote Code Execution 4 REMOTE H4rk3nz0
2021-02-26   VMware vCenter 6.5 / 7.0 Remote Code Execution Proof Of Concept 7 REMOTE NebulabdSec
2021-02-24   Unified Remote 3.9.0.2463 - Remote Code Execution 15 REMOTE H4rk3nz0
2021-02-24   HFS (HTTP File Server) 2.3.x - Remote Command Execution 11 REMOTE Pergyz
2021-02-24   Apache Flink JAR Upload Java Code Execution 14 REMOTE bcoles

Local Exploits

Date D   Description Plat. Author
2021-02-20   dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC) 14 LOCAL Kağan Çapar
2021-02-18   Microsoft Internet Explorer 11 32-bit - Use-After-Free 12 LOCAL FORREST ORR
2020-01-22   NEOWISE CARBONFTP 1.4 - Weak Password Encryption 336 LOCAL hyp3rlinx
2020-01-20   Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit) 117 LOCAL bcoles
2019-01-03   Ayukov NFTP FTP Client 2.0 Buffer Overflow 744 LOCAL Uday Mittal
2018-12-28   Terminal Services Manager 3.1 Local Buffer Overflow 168 LOCAL bzyo
2018-12-28   Iperius Backup 5.8.1 Buffer Overflow 131 LOCAL bzyo
2018-12-28   MAGIX Music Editor 3.1 Buffer Overflow 118 LOCAL bzyo
2018-12-25   Keybase keybase-redirector - '$PATH' Local Privilege Escalation 177 LOCAL mirchr
2018-12-24   ATool 1.0.0.22 Buffer Overflow 171 LOCAL Aloyce J. Makalanga

Web Applications

Date D   Description Plat. Author
2021-03-03   Zen Cart 1.5.7b - Remote Code Execution (Authenticated) 0 WEB Mucahit Saratar
2021-03-03   Tiny Tiny RSS - Remote Code Execution 0 WEB Daniel Neagaru
2021-03-03   Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated) 0 WEB Christian Vierschilling
2021-03-03   Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated) 0 WEB Christian Vierschilling
2021-03-03   FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit) 0 WEB Berkan Er
2020-01-22   Centreon 19.04 - Authenticated Remote Code Execution (Metasploit) 476 WEB TheCyberGeek
2019-01-04   Apache CouchDB 2.3.0 Cross Site Request Forgery 845 WEB Ozer Goker
2019-01-03   Vtiger CRM 7.1.0 Remote Code Execution 389 WEB Ozkan Mustafa Akkus
2018-12-25   phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read 862 WEB VulnSpy
2018-12-17   Huawei Router HG532e Command Execution 416 WEB Rebellion

DoS/PoC

Date D   Description Plat. Author
2020-01-22   Sysax Multi Server 5.50 - Denial of Service (PoC) 239 DOS Shailesh Kumavat
2019-01-03   EZ CD Audio Converter 8.0.7 Denial Of Service 278 DOS Achilles
2019-01-03   NetworkSleuth 3.0.0.0 Denial Of Service 186 DOS Luis Martinez
2019-01-03   NBMonitor Network Bandwidth Monitor 1.6.5.0 Denial Of Service 205 DOS Luis Martinez
2018-12-29   WebKit JSC AbstractValue::set Use-After-Free 144 DOS lokihardt
2018-12-29   WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write 133 DOS lokihardt
2018-12-28   Armitage 1.14.11 Denial Of Service 102 DOS Mr Winst0n
2018-12-28   NetShareWatcher 1.5.8 Denial Of Service 98 DOS T3jv1l
2018-12-28   ShareAlarmPro 2.1.4 Denial Of Service 104 DOS T3jv1l
2018-12-28   Product Key Explorer 4.0.9 Denial Of Service 123 DOS T3jv1l

Shellcode

Date D   Description Plat. Author
2018-12-25   Linux/x86 - Kill All Processes Shellcode (14 bytes) 760 SHELLCODE strider
2018-12-20   Linux/x64 - Disable ASLR Security Shellcode (93 Bytes) 207 SHELLCODE Kağan Çapar
2018-12-12   Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 254 SHELLCODE T3jv1l
2018-12-05   Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes) 208 SHELLCODE Kağan Çapar
2018-12-05   Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes) 157 SHELLCODE Nelis
2018-11-14   Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shel 389 SHELLCODE Javier Tello
2018-11-01   Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator) 310 SHELLCODE Roziul Hasan Khan Shifat
2018-10-25   Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes 178 SHELLCODE Goutham Madhwaraj
2018-10-09   Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shel 189 SHELLCODE cq674350529
2018-10-09   Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 byt 158 SHELLCODE Kartik Durg

Papers

Date D   Description Plat. Author
2018-11-16   The Powerful Resource of PHP Stream Wrappers 285 PAPERS Netsparker
2018-11-01   Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam 176 PAPERS phrack
2018-10-09   A Red Teamer’s guide to pivoting 146 PAPERS Artem Kondratenko
2018-10-08   Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise) 131 PAPERS phrack
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 923 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 620 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 710 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 473 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 436 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 634 PAPERS CWH Underground