The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2018-06-11	Microsoft Windows 10 scrrun.dll Active-X Creation / Deletion Issues	34	REMOTE	Nassim Asrir
2018-06-11	WebKit - not_number defineProperties UAF (Metasploit)	12	REMOTE	timwr
2018-06-11	CyberArk < 10 - Memory Disclosure	6	REMOTE	Thomas Zuk
2018-06-11	Git < 2.17.1 - Remote Code Execution	10	REMOTE	JameelNabbo
2018-05-29	CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) (DEP Bypass)	24	REMOTE	Juan Prescotto
2018-05-28	Bitmain Antminer D3/L3+/S9 - Remote Command Execution	18	REMOTE	CorryL
2018-05-28	D-Link DSL-2750B - OS Command Injection (Metasploit)	26	REMOTE	Marcin Bury
2018-05-22	Adobe Experience Manager (AEM) Remote Code Execution	25	REMOTE	StaticFlow
2018-05-22	HPE iMC 7.3 - Remote Code Execution (Metasploit)	8	REMOTE	TrendyTofu
2018-05-18	Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)	37	REMOTE	icez

Local Exploits

Date	Description		Plat.	Author
2018-06-11	TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass	10	LOCAL	hyp3rlinx
2018-06-11	WebKitGTK+ < 2.21.3 - Crash (PoC)	10	LOCAL	Dhiraj Mishra
2018-06-11	10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH)	7	LOCAL	Hashim Jawad
2018-06-11	10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow (	6	LOCAL	Hashim Jawad
2018-06-11	10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH)	8	LOCAL	Hashim Jawad
2018-06-11	Clone2GO Video converter 2.8.2 - Buffer Overflow	5	LOCAL	Gokul Babu
2018-06-11	Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasp	11	LOCAL	gushmazuko
2018-06-11	Zip-n-Go 4.9 - Buffer Overflow (SEH)	5	LOCAL	Hashim Jawad
2018-06-11	Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)	4	LOCAL	qwertyoruiop
2018-05-31	Procps-ng - Multiple Vulnerabilities	9	LOCAL	Qualys Corporation

Web Applications

Date	Description		Plat.	Author
2018-06-11	userSpice 4.3.24 - Username Enumeration	16	WEB	Dolev Farhi
2018-06-11	userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting	7	WEB	Dolev Farhi
2018-06-11	XiongMai uc-httpd 1.0.0 - Buffer Overflow	7	WEB	Andrew Watson
2018-06-11	Monstra CMS < 3.0.4 - Cross-Site Scripting	8	WEB	DEEPIN2
2018-06-11	Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email)	7	WEB	Kl3_GMjq6
2018-06-11	Pagekit < 1.0.13 - Cross-Site Scripting Code Generator	7	WEB	DEEPIN2
2018-05-28	SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site Scripting	13	WEB	J. Carrillo Lencina
2018-05-22	GitBucket 4.23.1 - Remote Code Execution	20	WEB	Kacper Szurek
2018-05-18	Intelbras NCLOUD 300 1.0 - Authentication bypass	15	WEB	Pedro Aguiar
2018-05-10	Mantis manage_proj_page PHP Code Execution	23	WEB	Lars Sorenson

DoS/PoC

Date	Description		Plat.	Author
2018-06-12	WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS	4	DOS	Dhiraj Mishra
2018-06-11	Gnome Web (Epiphany) Denial Of Service	11	DOS	ldpreload
2018-06-11	Chrome V8 PromiseAllResolveElementClosure Element Confusion	9	DOS	Google Security Research
2018-06-11	WebKit - Use-After-Free when Resuming Generator	5	DOS	Google Security Research
2018-06-11	Google Chrome - Integer Overflow when Processing WebAssembly Locals	8	DOS	Google Security Research
2018-06-11	WebKit - WebAssembly Compilation Info Leak	8	DOS	Google Security Research
2018-06-11	Apple macOS/iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvol	7	DOS	Google Security Research
2018-06-11	Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Dri	6	DOS	Google Security Research
2018-06-11	PHP 7.2.2 - 'php_stream_url_wrap_http_ex' Buffer Overflow	6	DOS	Wei Lei and Liu Yang
2018-06-11	Linux Kernel < 4.16.11 - 'ext4_read_inline_data()' Memory Corruption	10	DOS	Google Security Research

Shellcode

Date	Description		Plat.	Author
2018-06-11	Linux/ARM - Egghunter (0x50905090) + execve('/bin/sh') Shellcode (60 bytes)	8	SHELLCODE	rtmcx
2018-05-31	Linux/ARM - Egghunter + /bin/sh Shellcode (32 bytes)	7	SHELLCODE	Ken Kitahara
2018-05-31	Linux/x86 - Bind (4444/TCP) Shell Shellcode (105 bytes)	10	SHELLCODE	Paolo Perego
2018-05-31	Linux/x86 - EggHunter + access() Shellcode (38 bytes)	4	SHELLCODE	Paolo Perego
2018-05-29	Linux/x86 - Bind (5555/TCP) Shell Shellcode (98 bytes)	8	SHELLCODE	Luca
2018-05-28	Linux/x86 - Reverse (10.0.7.17:4444/TCP) Shell (/bin/sh) Shellcode (101 Bytes)	9	SHELLCODE	Jonathan Crosby
2018-05-28	Linux/x86 - Reverse (10.10.2.4:4444/TCP) Shell Shellcode (68 bytes)	7	SHELLCODE	Nuno Freitas
2018-05-28	Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes)	8	SHELLCODE	Matteo Malvica
2018-05-15	Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes	10	SHELLCODE	Paolo Perego
2018-05-11	Linux/x86 - Read /etc/passwd Shellcode (62 bytes)	9	SHELLCODE	Nuno Freitas

Papers

Date	Description		Plat.	Author
2018-01-15	Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata	152	PAPERS	phrack
2017-08-28	Abusing Token Privileges For LPE	199	PAPERS	drone and breenmachine
2017-01-12	OpenSSL - Weak KDF	171	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	248	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	253	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	368	PAPERS	CWH Underground
2011-10-12	Reverse Shell Cheat Sheet	255	PAPERS	pentestmonkey
2011-10-09	Beyond SQLi: Obfuscate and Bypass	224	PAPERS	ZeQ3uL
2011-06-02	Local File Inclusion to Remote Command Execution using SSH	331	PAPERS	LaNMaSteR53
2011-04-27	offsec官方渗透测试报告	724	PAPERS	admin