• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 61 - 80 of 6,028 in total
Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read
Disclosed: June 25, 2024
module
Explore
vCenter Sudo Privilege Escalation
Disclosed: June 18, 2024
module
Explore
Windows Access Mode Mismatch LPE in ks.sys
Disclosed: June 11, 2024
module
Explore
Magento XXE Unserialize Arbitrary File Read
Disclosed: June 11, 2024
module
Explore
Windows Kernel Time of Check Time of Use LPE in AuthzBasepCopyoutInternalSecurityAttributes
Disclosed: June 11, 2024
module
Explore
PHP CGI Argument Injection Remote Code Execution
Disclosed: June 06, 2024
module
Explore
Telerik Report Server Auth Bypass
Disclosed: June 04, 2024
module
Explore
Telerik Report Server Auth Bypass and Deserialization RCE
Disclosed: June 04, 2024
module
Explore
WSO2 API Manager Documentation File Upload Remote Code Execution
Disclosed: May 31, 2024
module
Explore
Apache OFBiz forgotPassword/ProgramExport RCE
Disclosed: May 30, 2024
module
Explore
Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution
Disclosed: May 25, 2024
module
Explore
Ivanti EPM RecordGoodApp SQLi RCE
Disclosed: May 24, 2024
module
Explore
WordPress Hash Form Plugin RCE
Disclosed: May 23, 2024
module
Explore
Atlassian Confluence Administrator Code Macro Remote Code Execution
Disclosed: May 21, 2024
module
Explore
Cacti Import Packages RCE
Disclosed: May 12, 2024
module
Explore
DIAEnergie SQL Injection (CVE-2024-4548)
Disclosed: May 06, 2024
module
Explore
Flowmon Unauthenticated Command Injection
Disclosed: April 23, 2024
module
Explore
Apache HugeGraph Gremlin RCE
Disclosed: April 22, 2024
module
Explore
FortiNet FortiClient Endpoint Management Server FCTID SQLi to RCE
Disclosed: April 21, 2024
module
Explore
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
Disclosed: April 12, 2024
module
Explore