• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 101 - 120 of 6,028 in total
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
Disclosed: February 19, 2024
module
Explore
QNAP QTS and QuTS Hero Unauthenticated Remote Code Execution in quick.cgi
Disclosed: February 13, 2024
module
Explore
WordPress Ultimate Member SQL Injection (CVE-2024-1071)
Disclosed: February 10, 2024
module
Explore
Rancher Audit Log Sensitive Information Leak
Disclosed: February 08, 2024
module
Explore
runc (docker) File Descriptor Leak Privilege Escalation
Disclosed: January 31, 2024
module
Explore
Ivanti Connect Secure Unauthenticated Remote Code Execution
Disclosed: January 31, 2024
module
Explore
GitLab Tags RSS feed email disclosure
Disclosed: January 25, 2024
module
Explore
Zyxel parse_config.py Command Injection
Disclosed: January 24, 2024
module
Explore
Jenkins cli Ampersand Replacement Arbitrary File Read
Disclosed: January 24, 2024
module
Explore
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
Disclosed: January 22, 2024
module
Explore
Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability
Disclosed: January 19, 2024
module
Explore
Atlassian Confluence SSTI Injection
Disclosed: January 16, 2024
module
Explore
Netis router MW5360 unauthenticated RCE.
Disclosed: January 11, 2024
module
Explore
GitLab Password Reset Account Takeover
Disclosed: January 11, 2024
module
Explore
Ivanti Connect Secure Unauthenticated Remote Code Execution
Disclosed: January 10, 2024
module
Explore
Wordpress POST SMTP Account Takeover
Disclosed: January 10, 2024
module
Explore
Cacti RCE via SQLi in pollers.php
Disclosed: December 20, 2023
module
Explore
MajorDoMo Command Injection
Disclosed: December 15, 2023
module
Explore
WordPress Backup Migration Plugin PHP Filter Chain RCE
Disclosed: December 11, 2023
module
Explore
GL.iNet Unauthenticated Remote Command Execution via the logread module.
Disclosed: December 10, 2023
module
Explore