The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2018-10-15   NoMachine 5.3.26 Remote Code Execution 19 REMOTE hyp3rlinx
2018-10-11   DELL EMC OneFS Storage Administration 8.1.2.0 .zshrc Overwrite 14 REMOTE wetw0rk
2018-10-11   Delta Electronics Delta Industrial Automation COMMGR 1.08 Buffer Overflow 7 REMOTE t4rkd3vilz
2018-10-11   MicroTik RouterOS < 6.43rc3 - Remote Root 10 REMOTE Jacob Baines
2018-10-09   Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow 14 REMOTE hubertwslin
2018-10-09   Cisco Prime Infrastructure - Unauthenticated Remote Code Execution 10 REMOTE Pedro Ribeiro
2018-10-08   Unitrends UEB HTTP API Remote Code Execution 9 REMOTE h00die
2018-09-19   NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet) 45 REMOTE Jacob Baines
2018-09-18   CA Release Automation NiMi 6.5 - Remote Command Execution 35 REMOTE Jakub Palaczynski
2018-09-17   Apache Syncope 2.0.7 Remote Code Execution 42 REMOTE Che-Chun Kuo

Local Exploits

Date D   Description Plat. Author
2018-10-18   Git Submodule Arbitrary Code Execution 3 LOCAL joernchen
2018-10-18   Any Sound Recorder 2.93 Buffer Overflow 4 LOCAL Abdullah Alıç
2018-10-16   Snes9K 0.0.9z - Buffer Overflow (SEH) 4 LOCAL Abdullah Alıç
2018-10-16   Solaris RSH Stack Clash Privilege Escalation 3 LOCAL Brendan Coles
2018-10-12   Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Inject 11 LOCAL hyp3rlinx
2018-10-12   Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injecti 4 LOCAL hyp3rlinx
2018-10-12   Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection 3 LOCAL hyp3rlinx
2018-10-11   VLC Media Player 2.2.8 MKV Use-After-Free 11 LOCAL GovTech
2018-10-10   Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass) 4 LOCAL Matteo Malvica
2018-10-09   ifwatchd Privilege Escalation 5 LOCAL Brendan Coles

Web Applications

Date D   Description Plat. Author
2018-10-17   Heatmiser Wifi Thermostat 1.7 - Credential Disclosure 7 WEB d0wnp0ur
2018-10-16   Academic Timetable Final Build 7.0 - Information Disclosure 7 WEB Ihsan Sencan
2018-10-16   FLIR Brickstream 3D+ - RTSP Stream Disclosure 3 WEB LiquidWorm
2018-10-16   FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution 4 WEB LiquidWorm
2018-10-15   FluxBB < 1.5.6 - SQL Injection 5 WEB secthrowaway
2018-10-15   Phoenix Contact WebVisit 2985725 - Authentication Bypass 3 WEB Photubias
2018-10-12   Phoenix Contact WebVisit 6.40.00 - Password Disclosure 6 WEB Photubias
2018-10-09   Imperva SecureSphere 13 - Remote Command Execution 20 WEB rsp3ar
2018-10-09   FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure 5 WEB LiquidWorm
2018-10-08   Navigate CMS Unauthenticated Remote Code Execution 5 WEB Pyriphlegethon

DoS/PoC

Date D   Description Plat. Author
2018-10-11   FileZilla 3.33 - Buffer Overflow (PoC) 10 DOS Kağan Çapar
2018-10-10   Microsoft Edge Chakra JIT - Type Confusion 6 DOS Google Security Research
2018-10-10   Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass 3 DOS Google Security Research
2018-10-09   Linux - Kernel Pointer Leak via BPF 6 DOS Google Security Research
2018-10-09   net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC) 5 DOS Magnus Klaaborg Stubman
2018-10-08   FTP Voyager 16.2.0 - Denial of Service (PoC) 4 DOS Abdullah Alıç
2018-09-28   AppArmor Filesystem Blacklisting Bypass 7 DOS Google Security Research
2018-09-27   CrossFont 7.5 - Denial of Service (PoC) 7 DOS Gionathan Reale
2018-09-27   TransMac 12.2 - Denial of Service (PoC) 10 DOS Gionathan Reale
2018-09-26   WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIf 10 DOS Google Security Research

Shellcode

Date D   Description Plat. Author
2018-10-09   Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shel 11 SHELLCODE cq674350529
2018-10-09   Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 byt 7 SHELLCODE Kartik Durg
2018-10-08   Linux/x86 - execve(/bin/sh) + NOT/SHIFT-N/XOR-N Encoded Shellcode (50 byes) 4 SHELLCODE Pedro Cabral
2018-09-27   Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 By 13 SHELLCODE Ken Kitahara
2018-09-25   Linux/ARM - sigaction() Based Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) S 5 SHELLCODE Ken Kitahara
2018-09-25   Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes 8 SHELLCODE Ken Kitahara
2018-09-21   Linux/x86 - Egghunter (0x50905090) + sigaction() Shellcode (27 bytes) 5 SHELLCODE Valerio Brussani
2018-09-18   Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Byt 10 SHELLCODE Ken Kitahara
2018-09-17   Linux/x86 - echo "Hello World" + Random Bytewise XOR + Insertion Encoder Shellco 10 SHELLCODE Ray Doyle
2018-09-17   Linux/86 - File Modification (/etc/hosts 127.1.1.1 google.com) + Polymorphic She 8 SHELLCODE Ray Doyle

Papers

Date D   Description Plat. Author
2018-10-09   A Red Teamer’s guide to pivoting 10 PAPERS Artem Kondratenko
2018-10-08   Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise) 5 PAPERS phrack
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 208 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 279 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 242 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 291 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 274 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 425 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 290 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 257 PAPERS ZeQ3uL