Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2017-08-02   Microsoft Windows LNK Shortcut File Code Execution 45 REMOTE Yorick Koster
2017-08-01   DiskBoss Enterprise 8.2.14 - Buffer Overflow 8 REMOTE Ahmad Mahfouz
2017-08-01   Jenkins < 1.650 - Java Deserialization 16 REMOTE Janusz Piechówka
2017-07-25   VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execu 11 REMOTE Brendan Coles
2017-07-25   IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit) 12 REMOTE h00die
2017-07-25   Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution (MS17-007) 16 REMOTE Mohamed Hamdy
2017-07-25   Easy Chat Server User Registeration Buffer Overflow (SEH) 5 REMOTE Marco Rivoli
2017-07-25   Metasploit RPC Console Command Execution 15 REMOTE Brendan Coles
2017-07-18   Belkin NetCam F7D7601 - Multiple Vulnerabilities 14 REMOTE Wadeek
2017-07-17   Windows Browser Example Exploit 46 REMOTE sinn3r

Local Exploits

Date D   Description Plat. Author
2017-08-16   Internet Download Manager 6.28 Build 17 - Buffer Overflow (SEH Unicode) 4 LOCAL f3ci
2017-08-16   ALLPlayer 7.4 - Buffer Overflow (SEH Unicode) 1 LOCAL f3ci
2017-08-15   Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation 2 LOCAL Securify
2017-08-09   Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS 6 LOCAL Saif
2017-08-07   Microsoft Windows - LNK Shortcut File Code Execution 5 LOCAL nixawk
2017-08-04   DNSTracer 1.9 - Buffer Overflow 2 LOCAL j0lama
2017-08-03   Hashicorp vagrant-vmware-fusion 4.0.23 Local Root Privilege Escalation 5 LOCAL Mark Wadham
2017-08-02   Nitro Pro PDF Reader 11.0.3.173 Remote Code Execution 4 LOCAL sinn3r
2017-07-28   AudioCoder 0.8.46 - Local Buffer Overflow (SEH) 0 LOCAL Muhann4d
2017-07-28   MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH) 0 LOCAL Muhann4d

Web Applications

Date D   Description Plat. Author
2017-08-11   DALIM SOFTWARE ES Core 5.0 Build 7184.1 User Enumeration 6 WEB LiquidWorm
2017-08-09   Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution 1 WEB Kacper Szurek
2017-08-02   Advantech SUSIAccess <= 3.0 - 'RecoveryMgmt' File Upload 7 WEB James Fitts
2017-08-02   Advantech SUSIAccess <= 3.0 - Directory Traversal / Information Disclosure (Meta 3 WEB James Fitts
2017-07-31   GitHub Enterprise < 2.8.7 - Remote Code Execution 8 WEB orange
2017-07-27   WebKit JSC - 'JSObject::putInlineSlow and JSValue::putToPrimitive' Universal Cro 1 WEB Google Security Research
2017-07-25   ManageEngine Desktop Central 10 Build 100087 - Remote Code Execution (Metasploit 6 WEB Kacper Szurek
2017-07-21   Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit) 15 WEB xort
2017-07-21   Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit 7 WEB xort
2017-07-21   Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit) 6 WEB xort

DoS/PoC

Date D   Description Plat. Author
2017-08-17   Microsoft Edge Chakra Incorrect Jit Optimization 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra EmitNew Integer Overflow 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra Parser::ParseFncFormals Uninitialized Arguments 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra Uninitialized Arguments 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra JavascriptFunction::EntryCall Mishandled CallInfo 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra Incorrect Jit Optimization 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra TryUndeleteProperty Incorrect Usage 0 DOS lokihardt
2017-08-17   Microsoft Edge Chakra PushPopFrameHelper Incorrect Usage 0 DOS lokihardt
2017-08-17   Microsoft Edge Charka Failed Re-Parse 0 DOS lokihardt
2017-08-17   Microsoft Edge Charka PreVisitCatch Missing Call 0 DOS lokihardt

Shellcode

Date D   Description Plat. Author
2017-08-07   Linux x86 - /bin/sh Shellcode (24 bytes) 5 SHELLCODE Touhid M.Shaikh
2017-07-21   Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes) 9 SHELLCODE m4n3dw0lf
2017-07-06   Linux/x86 - Reverse TCP Shellcode (67 bytes) 9 SHELLCODE Geyslan G. Bem
2017-06-27   Linux/x86 - Bind Shell Shellcode (75 bytes) 11 SHELLCODE wetw0rk
2017-06-22   Linux/x86 - Reverse UDP Shellcode (668 bytes) 15 SHELLCODE DONTON Fetenat C
2017-06-16   Linux/x86_64 - execve("/bin/sh") Shellcode (24 bytes) 16 SHELLCODE m4n3dw0lf
2017-06-16   Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes) 8 SHELLCODE nullparasite
2017-06-07   Linux/x86-64 - /bin/sh Shellcode (31 bytes) 10 SHELLCODE Touhid M.Shaikh
2017-05-18   Windows x32 / Windows x64 - cmd.exe Shellcode (718 bytes) 52 SHELLCODE Filippo Bersani
2017-05-09   Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes) 17 SHELLCODE Srakai

Papers

Date D   Description Plat. Author
2017-01-12   OpenSSL - Weak KDF 54 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 137 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 112 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 241 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 145 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 125 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 178 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 473 PAPERS admin