Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2018-06-11   Microsoft Windows 10 scrrun.dll Active-X Creation / Deletion Issues 34 REMOTE Nassim Asrir
2018-06-11   WebKit - not_number defineProperties UAF (Metasploit) 12 REMOTE timwr
2018-06-11   CyberArk < 10 - Memory Disclosure 6 REMOTE Thomas Zuk
2018-06-11   Git < 2.17.1 - Remote Code Execution 10 REMOTE JameelNabbo
2018-05-29   CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) (DEP Bypass) 24 REMOTE Juan Prescotto
2018-05-28   Bitmain Antminer D3/L3+/S9 - Remote Command Execution 18 REMOTE CorryL
2018-05-28   D-Link DSL-2750B - OS Command Injection (Metasploit) 26 REMOTE Marcin Bury
2018-05-22   Adobe Experience Manager (AEM) Remote Code Execution 25 REMOTE StaticFlow
2018-05-22   HPE iMC 7.3 - Remote Code Execution (Metasploit) 8 REMOTE TrendyTofu
2018-05-18   Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit) 37 REMOTE icez

Local Exploits

Date D   Description Plat. Author
2018-06-11   TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass 10 LOCAL hyp3rlinx
2018-06-11   WebKitGTK+ < 2.21.3 - Crash (PoC) 10 LOCAL Dhiraj Mishra
2018-06-11   10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH) 7 LOCAL Hashim Jawad
2018-06-11   10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow ( 6 LOCAL Hashim Jawad
2018-06-11   10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) 8 LOCAL Hashim Jawad
2018-06-11   Clone2GO Video converter 2.8.2 - Buffer Overflow 5 LOCAL Gokul Babu
2018-06-11   Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasp 11 LOCAL gushmazuko
2018-06-11   Zip-n-Go 4.9 - Buffer Overflow (SEH) 5 LOCAL Hashim Jawad
2018-06-11   Sony Playstation 4 (PS4) 5.1 - Kernel (PoC) 4 LOCAL qwertyoruiop
2018-05-31   Procps-ng - Multiple Vulnerabilities 9 LOCAL Qualys Corporation

Web Applications

Date D   Description Plat. Author
2018-06-11   userSpice 4.3.24 - Username Enumeration 16 WEB Dolev Farhi
2018-06-11   userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting 7 WEB Dolev Farhi
2018-06-11   XiongMai uc-httpd 1.0.0 - Buffer Overflow 7 WEB Andrew Watson
2018-06-11   Monstra CMS < 3.0.4 - Cross-Site Scripting 8 WEB DEEPIN2
2018-06-11   Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email) 7 WEB Kl3_GMjq6
2018-06-11   Pagekit < 1.0.13 - Cross-Site Scripting Code Generator 7 WEB DEEPIN2
2018-05-28   SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site Scripting 13 WEB J. Carrillo Lencina
2018-05-22   GitBucket 4.23.1 - Remote Code Execution 20 WEB Kacper Szurek
2018-05-18   Intelbras NCLOUD 300 1.0 - Authentication bypass 15 WEB Pedro Aguiar
2018-05-10   Mantis manage_proj_page PHP Code Execution 23 WEB Lars Sorenson

DoS/PoC

Date D   Description Plat. Author
2018-06-12   WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS 4 DOS Dhiraj Mishra
2018-06-11   Gnome Web (Epiphany) Denial Of Service 11 DOS ldpreload
2018-06-11   Chrome V8 PromiseAllResolveElementClosure Element Confusion 9 DOS Google Security Research
2018-06-11   WebKit - Use-After-Free when Resuming Generator 5 DOS Google Security Research
2018-06-11   Google Chrome - Integer Overflow when Processing WebAssembly Locals 8 DOS Google Security Research
2018-06-11   WebKit - WebAssembly Compilation Info Leak 8 DOS Google Security Research
2018-06-11   Apple macOS/iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvol 7 DOS Google Security Research
2018-06-11   Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Dri 6 DOS Google Security Research
2018-06-11   PHP 7.2.2 - 'php_stream_url_wrap_http_ex' Buffer Overflow 6 DOS Wei Lei and Liu Yang
2018-06-11   Linux Kernel < 4.16.11 - 'ext4_read_inline_data()' Memory Corruption 10 DOS Google Security Research

Shellcode

Date D   Description Plat. Author
2018-06-11   Linux/ARM - Egghunter (0x50905090) + execve('/bin/sh') Shellcode (60 bytes) 8 SHELLCODE rtmcx
2018-05-31   Linux/ARM - Egghunter + /bin/sh Shellcode (32 bytes) 7 SHELLCODE Ken Kitahara
2018-05-31   Linux/x86 - Bind (4444/TCP) Shell Shellcode (105 bytes) 10 SHELLCODE Paolo Perego
2018-05-31   Linux/x86 - EggHunter + access() Shellcode (38 bytes) 4 SHELLCODE Paolo Perego
2018-05-29   Linux/x86 - Bind (5555/TCP) Shell Shellcode (98 bytes) 8 SHELLCODE Luca
2018-05-28   Linux/x86 - Reverse (10.0.7.17:4444/TCP) Shell (/bin/sh) Shellcode (101 Bytes) 9 SHELLCODE Jonathan Crosby
2018-05-28   Linux/x86 - Reverse (10.10.2.4:4444/TCP) Shell Shellcode (68 bytes) 7 SHELLCODE Nuno Freitas
2018-05-28   Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes) 8 SHELLCODE Matteo Malvica
2018-05-15   Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes 10 SHELLCODE Paolo Perego
2018-05-11   Linux/x86 - Read /etc/passwd Shellcode (62 bytes) 9 SHELLCODE Nuno Freitas

Papers

Date D   Description Plat. Author
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 152 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 199 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 171 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 248 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 253 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 368 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 255 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 224 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 331 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 724 PAPERS admin