Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2026-07-07   Hydra - Stack Buffer Overflow 15 REMOTE banyamer
2026-07-07   iOS Bluetooth PAN Exploit - Ethernet Gateway without Adapter 15 REMOTE Fares Dahoumane
2026-05-30   Notepad++ 8.9.6 - Arbitrary Code Execution 151 REMOTE Kavin Jindal
2026-05-29   Microsoft - NTLMv2 Hash Capture 80 REMOTE nu11secur1ty
2026-05-29   Wing FTP Server 8.1.3 - Authenticated Remote Code Execution 80 REMOTE Ünsal Furkan Harani
2026-05-29   strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow 53 REMOTE Lukas Johannes Moeller
2026-05-07   telnetd 2.7 - Buffer Overflow 88 REMOTE jeffbarron
2026-02-11   Windows 10.0.17763.7009 - spoofing vulnerability 283 REMOTE beatrizfn
2026-02-04   windows 10/11 - NTLM Hash Disclosure Spoofing 169 REMOTE beatrizfn
2026-02-04   Redis 8.0.2 - RCE 267 REMOTE Beatriz Fresno Naumova

Local Exploits

Date D   Description Plat. Author
2026-07-07   ProtonVPN v4.4.1 - Unquoted Service Path 12 LOCAL Milad karimi
2026-07-06   MEmu Android Emulator 9.2.7.0 - Local Privilege Escalation 16 LOCAL Mohammad
2026-07-06   Windows Defender (MsMpEng.exe) - Race Condition 19 LOCAL nu11secur1ty
2026-05-29   ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion 41 LOCAL Jose Rivas
2026-05-29   ZTE Routers - Unauthenticated Denial of Service 47 LOCAL Mina Nageh Salalma
2026-05-29   ZTE ZXHN H188A V6 - Authentication Bypass 39 LOCAL Mina Nageh Salalma
2026-05-29   ZTE H298A / H108N - Unauthenticated Credential Exposure 44 LOCAL Mina Nageh Salalma
2026-05-29   Linux Kernel - Local Privilege Escalation 51 LOCAL nu11secur1ty
2026-05-27   Linux Kernel - Local Privilege Escalation 56 LOCAL nu11secur1ty
2026-05-27   Realtek rtl819x - Local Privilege 41 LOCAL Daniil Gordeev

Web Applications

Date D   Description Plat. Author
2026-07-08   Krayin CRM v2.2.x - Authenticated Remote Code Execution 14 WEB Diamorphine
2026-07-08   Atarim WordPress Plugin 4.2.2 - Sensitive Information Exposure 12 WEB Mohammad Hossein Sadeghian
2026-07-08   Langflow 1.9.0 - RCE 11 WEB Diamorphine
2026-07-08   Joomla Page Builder CK 3.5.10 - Arbitrary File Upload 9 WEB M@rAz Ali
2026-07-07   MCPJam Inspector - Remote Code Execution 16 WEB Diamorphine
2026-07-07   Flowise 3.1.3 - arbitrary code execution 11 WEB banyamer
2026-07-07   Discuz! X5.0 - Authentication Bypass 10 WEB banyamer
2026-07-07   Tenable Nessus 10.12.1 - SQL Injection 10 WEB banyamer
2026-07-07   WordPress Bricks Builder Theme - RCE 18 WEB Jared Brits
2026-07-06   Joomla Extension 4.1.4 - PHP Object injection 15 WEB Amin İsayev

DoS/PoC

Date D   Description Plat. Author
2026-05-29   strongSwan 5.9.13 - DoS 46 DOS Lukas Johannes Moeller
2025-07-28   Xlight FTP 1.1 - Denial Of Service (DOS) 170 DOS Fernando Mengali
2024-08-28   Windows TCP/IP - RCE Checker and Denial of Service 178 DOS Photubias
2024-03-28   RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service 168 DOS ice-wzl
2024-02-26   Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS' 154 DOS hyp3rlinx
2024-02-19   XAMPP - Buffer Overflow POC 147 DOS Talson
2024-02-13   VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) - Remote Denial Of Service 144 DOS LiquidWorm
2024-02-09   Elasticsearch - StackOverflow DoS 161 DOS TOUHAMI Kasbaoui
2024-02-02   Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS 166 DOS LiquidWorm
2023-10-09   OpenPLC WebServer 3 - Denial of Service 117 DOS Kai Feng

Shellcode

Date D   Description Plat. Author
2026-05-29   Win32 - Calc Shellcode 45 SHELLCODE Fernando Mengali
2025-08-04   Linux/x86_64 - execve(_/bin/sh__[_-c__cmd]_NULL) Arbitrary Command Execution She 193 SHELLCODE Muzaffer Umut ŞAHİN
2025-05-21   Windows 11 x64 - Reverse TCP Shellcode (564 bytes) 280 SHELLCODE Victor Huerlimann
2025-05-21   Linux/x86 - Reverse TCP Shellcode (95 bytes) 216 SHELLCODE Al Baradi Joy
2025-05-21   Linux/x86-64 - execve(_/bin/sh_) Shellcode (36 bytes) 170 SHELLCODE Sayan Ray
2023-09-08   Windows/x64 - PIC Null-Free TCP Reverse Shell Shellcode (476 Bytes) 149 SHELLCODE Senzee
2023-08-21   Linux/x64 - memfd_create ELF loader Shellcode (170 bytes) 157 SHELLCODE Ivan Nikolsky
2023-07-28   Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes) 152 SHELLCODE Senzee
2023-04-25   Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode 150 SHELLCODE Nayani
2023-04-05   Linux/x86_64 - bash Shellcode with xor encoding 146 SHELLCODE Jeenika Anadani

Papers

Date D   Description Plat. Author
2018-11-16   The Powerful Resource of PHP Stream Wrappers 790 PAPERS Netsparker
2018-11-01   Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam 716 PAPERS phrack
2018-10-09   A Red Teamer’s guide to pivoting 677 PAPERS Artem Kondratenko
2018-10-08   Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise) 1654 PAPERS phrack
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 1523 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 1059 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 1089 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 820 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 798 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 2176 PAPERS CWH Underground