Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2026-07-07   Hydra - Stack Buffer Overflow 35 REMOTE banyamer
2026-07-07   iOS Bluetooth PAN Exploit - Ethernet Gateway without Adapter 25 REMOTE Fares Dahoumane
2026-05-30   Notepad++ 8.9.6 - Arbitrary Code Execution 160 REMOTE Kavin Jindal
2026-05-29   Microsoft - NTLMv2 Hash Capture 86 REMOTE nu11secur1ty
2026-05-29   Wing FTP Server 8.1.3 - Authenticated Remote Code Execution 84 REMOTE Ünsal Furkan Harani
2026-05-29   strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow 57 REMOTE Lukas Johannes Moeller
2026-05-07   telnetd 2.7 - Buffer Overflow 90 REMOTE jeffbarron
2026-02-11   Windows 10.0.17763.7009 - spoofing vulnerability 290 REMOTE beatrizfn
2026-02-04   windows 10/11 - NTLM Hash Disclosure Spoofing 171 REMOTE beatrizfn
2026-02-04   Redis 8.0.2 - RCE 273 REMOTE Beatriz Fresno Naumova

Local Exploits

Date D   Description Plat. Author
2026-07-07   ProtonVPN v4.4.1 - Unquoted Service Path 23 LOCAL Milad karimi
2026-07-06   MEmu Android Emulator 9.2.7.0 - Local Privilege Escalation 27 LOCAL Mohammad
2026-07-06   Windows Defender (MsMpEng.exe) - Race Condition 37 LOCAL nu11secur1ty
2026-05-29   ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion 46 LOCAL Jose Rivas
2026-05-29   ZTE Routers - Unauthenticated Denial of Service 53 LOCAL Mina Nageh Salalma
2026-05-29   ZTE ZXHN H188A V6 - Authentication Bypass 44 LOCAL Mina Nageh Salalma
2026-05-29   ZTE H298A / H108N - Unauthenticated Credential Exposure 50 LOCAL Mina Nageh Salalma
2026-05-29   Linux Kernel - Local Privilege Escalation 56 LOCAL nu11secur1ty
2026-05-27   Linux Kernel - Local Privilege Escalation 64 LOCAL nu11secur1ty
2026-05-27   Realtek rtl819x - Local Privilege 47 LOCAL Daniil Gordeev

Web Applications

Date D   Description Plat. Author
2026-07-08   Krayin CRM v2.2.x - Authenticated Remote Code Execution 25 WEB Diamorphine
2026-07-08   Atarim WordPress Plugin 4.2.2 - Sensitive Information Exposure 19 WEB Mohammad Hossein Sadeghian
2026-07-08   Langflow 1.9.0 - RCE 33 WEB Diamorphine
2026-07-08   Joomla Page Builder CK 3.5.10 - Arbitrary File Upload 19 WEB M@rAz Ali
2026-07-07   MCPJam Inspector - Remote Code Execution 23 WEB Diamorphine
2026-07-07   Flowise 3.1.3 - arbitrary code execution 16 WEB banyamer
2026-07-07   Discuz! X5.0 - Authentication Bypass 16 WEB banyamer
2026-07-07   Tenable Nessus 10.12.1 - SQL Injection 17 WEB banyamer
2026-07-07   WordPress Bricks Builder Theme - RCE 34 WEB Jared Brits
2026-07-06   Joomla Extension 4.1.4 - PHP Object injection 25 WEB Amin İsayev

DoS/PoC

Date D   Description Plat. Author
2026-05-29   strongSwan 5.9.13 - DoS 52 DOS Lukas Johannes Moeller
2025-07-28   Xlight FTP 1.1 - Denial Of Service (DOS) 172 DOS Fernando Mengali
2024-08-28   Windows TCP/IP - RCE Checker and Denial of Service 183 DOS Photubias
2024-03-28   RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service 177 DOS ice-wzl
2024-02-26   Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS' 156 DOS hyp3rlinx
2024-02-19   XAMPP - Buffer Overflow POC 150 DOS Talson
2024-02-13   VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service 146 DOS LiquidWorm
2024-02-09   Elasticsearch - StackOverflow DoS 163 DOS TOUHAMI Kasbaoui
2024-02-02   Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS 168 DOS LiquidWorm
2023-10-09   OpenPLC WebServer 3 - Denial of Service 120 DOS Kai Feng

Shellcode

Date D   Description Plat. Author
2026-05-29   Win32 - Calc Shellcode 52 SHELLCODE Fernando Mengali
2025-08-04   Linux/x86_64 - execve(_/bin/sh__[_-c__cmd]_NULL) Arbitrary Command Execution She 197 SHELLCODE Muzaffer Umut ŞAHİN
2025-05-21   Windows 11 x64 - Reverse TCP Shellcode (564 bytes) 287 SHELLCODE Victor Huerlimann
2025-05-21   Linux/x86 - Reverse TCP Shellcode (95 bytes) 217 SHELLCODE Al Baradi Joy
2025-05-21   Linux/x86-64 - execve(_/bin/sh_) Shellcode (36 bytes) 175 SHELLCODE Sayan Ray
2023-09-08   Windows/x64 - PIC Null-Free TCP Reverse Shell Shellcode (476 Bytes) 150 SHELLCODE Senzee
2023-08-21   Linux/x64 - memfd_create ELF loader Shellcode (170 bytes) 159 SHELLCODE Ivan Nikolsky
2023-07-28   Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes) 155 SHELLCODE Senzee
2023-04-25   Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode 152 SHELLCODE Nayani
2023-04-05   Linux/x86_64 - bash Shellcode with xor encoding 148 SHELLCODE Jeenika Anadani

Papers

Date D   Description Plat. Author
2018-11-16   The Powerful Resource of PHP Stream Wrappers 792 PAPERS Netsparker
2018-11-01   Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam 722 PAPERS phrack
2018-10-09   A Red Teamer’s guide to pivoting 679 PAPERS Artem Kondratenko
2018-10-08   Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise) 1658 PAPERS phrack
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 1526 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 1061 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 1091 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 822 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 800 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 2177 PAPERS CWH Underground