Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2020-09-18   Microsoft SQL Server Reporting Services 2016 - Remote Code Execution 366 REMOTE WEST SHEPHERD
2020-08-05   CompleteFTP Professional 12.1.3 - Remote Code Execution 285 REMOTE 1F98D
2020-07-06   vCloud Director 9.7.0.15498291 - Remote Code Execution 191 REMOTE AARONSVK
2020-06-10   Microsoft Windows - 'SMBGhost' Remote Code Execution 413 REMOTE chompie1337
2020-06-10   vCloud Director 9.7.0.15498291 - Remote Code Execution 108 REMOTE aaronsvk
2020-02-25   Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metaspl 661 REMOTE Matthew Aberegg
2018-12-29   Hashicorp Consul Rexec Remote Command Execution 1412 REMOTE Quentin Kaiser
2018-12-29   Hashicorp Consul Services API Remote Command Execution 308 REMOTE Quentin Kaiser
2018-12-25   Kubernetes - (Authenticated) Arbitrary Requests 191 REMOTE evict
2018-12-25   Kubernetes - (Unauthenticated) Arbitrary Requests 177 REMOTE evict

Local Exploits

Date D   Description Plat. Author
2020-01-22   NEOWISE CARBONFTP 1.4 - Weak Password Encryption 270 LOCAL hyp3rlinx
2020-01-20   Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit) 94 LOCAL bcoles
2019-01-03   Ayukov NFTP FTP Client 2.0 Buffer Overflow 722 LOCAL Uday Mittal
2018-12-28   Terminal Services Manager 3.1 Local Buffer Overflow 152 LOCAL bzyo
2018-12-28   Iperius Backup 5.8.1 Buffer Overflow 115 LOCAL bzyo
2018-12-28   MAGIX Music Editor 3.1 Buffer Overflow 101 LOCAL bzyo
2018-12-25   Keybase keybase-redirector - '$PATH' Local Privilege Escalation 152 LOCAL mirchr
2018-12-24   ATool 1.0.0.22 Buffer Overflow 157 LOCAL Aloyce J. Makalanga
2018-12-24   AnyBurn 4.3 Local Buffer Overflow 91 LOCAL Matteo Malvica
2018-12-24   GIGABYTE Driver Privilege Escalation 152 LOCAL SecureAuth

Web Applications

Date D   Description Plat. Author
2020-01-22   Centreon 19.04 - Authenticated Remote Code Execution (Metasploit) 383 WEB TheCyberGeek
2019-01-04   Apache CouchDB 2.3.0 Cross Site Request Forgery 800 WEB Ozer Goker
2019-01-03   Vtiger CRM 7.1.0 Remote Code Execution 363 WEB Ozkan Mustafa Akkus
2018-12-25   phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read 772 WEB VulnSpy
2018-12-17   Huawei Router HG532e Command Execution 380 WEB Rebellion
2018-12-12   ThinkPHP 5.x Remote Code Execution 1006 WEB VulnSpy
2018-12-12   WordPress Snap Creek Duplicator Code Injection 347 WEB Julien Legras
2018-12-12   PrestaShop 1.6.x / 1.7.x Remote Code Execution 205 WEB farisv
2018-12-10   i-doit CMDB 1.11.2 - Remote Code Execution 171 WEB AkkuS
2018-12-06   HasanMWB 1.0 SQL Injection 232 WEB Ihsan Sencan

DoS/PoC

Date D   Description Plat. Author
2020-01-22   Sysax Multi Server 5.50 - Denial of Service (PoC) 190 DOS Shailesh Kumavat
2019-01-03   EZ CD Audio Converter 8.0.7 Denial Of Service 258 DOS Achilles
2019-01-03   NetworkSleuth 3.0.0.0 Denial Of Service 167 DOS Luis Martinez
2019-01-03   NBMonitor Network Bandwidth Monitor 1.6.5.0 Denial Of Service 186 DOS Luis Martinez
2018-12-29   WebKit JSC AbstractValue::set Use-After-Free 130 DOS lokihardt
2018-12-29   WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write 122 DOS lokihardt
2018-12-28   Armitage 1.14.11 Denial Of Service 89 DOS Mr Winst0n
2018-12-28   NetShareWatcher 1.5.8 Denial Of Service 82 DOS T3jv1l
2018-12-28   ShareAlarmPro 2.1.4 Denial Of Service 92 DOS T3jv1l
2018-12-28   Product Key Explorer 4.0.9 Denial Of Service 114 DOS T3jv1l

Shellcode

Date D   Description Plat. Author
2018-12-25   Linux/x86 - Kill All Processes Shellcode (14 bytes) 660 SHELLCODE strider
2018-12-20   Linux/x64 - Disable ASLR Security Shellcode (93 Bytes) 177 SHELLCODE Kağan Çapar
2018-12-12   Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 233 SHELLCODE T3jv1l
2018-12-05   Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes) 184 SHELLCODE Kağan Çapar
2018-12-05   Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes) 145 SHELLCODE Nelis
2018-11-14   Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shel 379 SHELLCODE Javier Tello
2018-11-01   Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator) 297 SHELLCODE Roziul Hasan Khan Shifat
2018-10-25   Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes 170 SHELLCODE Goutham Madhwaraj
2018-10-09   Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shel 175 SHELLCODE cq674350529
2018-10-09   Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 byt 148 SHELLCODE Kartik Durg

Papers

Date D   Description Plat. Author
2018-11-16   The Powerful Resource of PHP Stream Wrappers 261 PAPERS Netsparker
2018-11-01   Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam 157 PAPERS phrack
2018-10-09   A Red Teamer’s guide to pivoting 128 PAPERS Artem Kondratenko
2018-10-08   Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise) 113 PAPERS phrack
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 908 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 614 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 695 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 453 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 425 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 614 PAPERS CWH Underground