The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2017-08-02	Microsoft Windows LNK Shortcut File Code Execution	45	REMOTE	Yorick Koster
2017-08-01	DiskBoss Enterprise 8.2.14 - Buffer Overflow	8	REMOTE	Ahmad Mahfouz
2017-08-01	Jenkins < 1.650 - Java Deserialization	16	REMOTE	Janusz Piechówka
2017-07-25	VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execu	11	REMOTE	Brendan Coles
2017-07-25	IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit)	12	REMOTE	h00die
2017-07-25	Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution (MS17-007)	16	REMOTE	Mohamed Hamdy
2017-07-25	Easy Chat Server User Registeration Buffer Overflow (SEH)	5	REMOTE	Marco Rivoli
2017-07-25	Metasploit RPC Console Command Execution	15	REMOTE	Brendan Coles
2017-07-18	Belkin NetCam F7D7601 - Multiple Vulnerabilities	14	REMOTE	Wadeek
2017-07-17	Windows Browser Example Exploit	46	REMOTE	sinn3r

Local Exploits

Date	Description		Plat.	Author
2017-08-16	Internet Download Manager 6.28 Build 17 - Buffer Overflow (SEH Unicode)	4	LOCAL	f3ci
2017-08-16	ALLPlayer 7.4 - Buffer Overflow (SEH Unicode)	1	LOCAL	f3ci
2017-08-15	Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation	2	LOCAL	Securify
2017-08-09	Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS	6	LOCAL	Saif
2017-08-07	Microsoft Windows - LNK Shortcut File Code Execution	5	LOCAL	nixawk
2017-08-04	DNSTracer 1.9 - Buffer Overflow	2	LOCAL	j0lama
2017-08-03	Hashicorp vagrant-vmware-fusion 4.0.23 Local Root Privilege Escalation	5	LOCAL	Mark Wadham
2017-08-02	Nitro Pro PDF Reader 11.0.3.173 Remote Code Execution	4	LOCAL	sinn3r
2017-07-28	AudioCoder 0.8.46 - Local Buffer Overflow (SEH)	0	LOCAL	Muhann4d
2017-07-28	MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH)	0	LOCAL	Muhann4d

Web Applications

Date	Description		Plat.	Author
2017-08-11	DALIM SOFTWARE ES Core 5.0 Build 7184.1 User Enumeration	6	WEB	LiquidWorm
2017-08-09	Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution	1	WEB	Kacper Szurek
2017-08-02	Advantech SUSIAccess <= 3.0 - 'RecoveryMgmt' File Upload	7	WEB	James Fitts
2017-08-02	Advantech SUSIAccess <= 3.0 - Directory Traversal / Information Disclosure (Meta	3	WEB	James Fitts
2017-07-31	GitHub Enterprise < 2.8.7 - Remote Code Execution	8	WEB	orange
2017-07-27	WebKit JSC - 'JSObject::putInlineSlow and JSValue::putToPrimitive' Universal Cro	1	WEB	Google Security Research
2017-07-25	ManageEngine Desktop Central 10 Build 100087 - Remote Code Execution (Metasploit	6	WEB	Kacper Szurek
2017-07-21	Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit)	15	WEB	xort
2017-07-21	Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit	7	WEB	xort
2017-07-21	Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit)	6	WEB	xort

DoS/PoC

Date	Description		Plat.	Author
2017-08-17	Microsoft Edge Chakra Incorrect Jit Optimization	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra EmitNew Integer Overflow	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra Parser::ParseFncFormals Uninitialized Arguments	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra Uninitialized Arguments	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra JavascriptFunction::EntryCall Mishandled CallInfo	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra Incorrect Jit Optimization	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra TryUndeleteProperty Incorrect Usage	0	DOS	lokihardt
2017-08-17	Microsoft Edge Chakra PushPopFrameHelper Incorrect Usage	0	DOS	lokihardt
2017-08-17	Microsoft Edge Charka Failed Re-Parse	0	DOS	lokihardt
2017-08-17	Microsoft Edge Charka PreVisitCatch Missing Call	0	DOS	lokihardt

Shellcode

Date	Description		Plat.	Author
2017-08-07	Linux x86 - /bin/sh Shellcode (24 bytes)	5	SHELLCODE	Touhid M.Shaikh
2017-07-21	Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes)	9	SHELLCODE	m4n3dw0lf
2017-07-06	Linux/x86 - Reverse TCP Shellcode (67 bytes)	9	SHELLCODE	Geyslan G. Bem
2017-06-27	Linux/x86 - Bind Shell Shellcode (75 bytes)	11	SHELLCODE	wetw0rk
2017-06-22	Linux/x86 - Reverse UDP Shellcode (668 bytes)	15	SHELLCODE	DONTON Fetenat C
2017-06-16	Linux/x86_64 - execve("/bin/sh") Shellcode (24 bytes)	16	SHELLCODE	m4n3dw0lf
2017-06-16	Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes)	8	SHELLCODE	nullparasite
2017-06-07	Linux/x86-64 - /bin/sh Shellcode (31 bytes)	10	SHELLCODE	Touhid M.Shaikh
2017-05-18	Windows x32 / Windows x64 - cmd.exe Shellcode (718 bytes)	52	SHELLCODE	Filippo Bersani
2017-05-09	Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes)	17	SHELLCODE	Srakai

Papers

Date	Description		Plat.	Author
2017-01-12	OpenSSL - Weak KDF	54	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	137	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	112	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	241	PAPERS	CWH Underground
2011-10-12	Reverse Shell Cheat Sheet	145	PAPERS	pentestmonkey
2011-10-09	Beyond SQLi: Obfuscate and Bypass	125	PAPERS	ZeQ3uL
2011-06-02	Local File Inclusion to Remote Command Execution using SSH	178	PAPERS	LaNMaSteR53
2011-04-27	offsec官方渗透测试报告	473	PAPERS	admin