Vulnerability & Exploit Database

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 4,801 in total
F5 BIG-IP iControl RCE via REST Authentication Bypass
Disclosed: May 04, 2022
module
Explore
Zyxel Firewall ZTP Unauthenticated Command Injection
Disclosed: April 28, 2022
module
Explore
ZoneMinder Language Settings Remote Code Execution
Disclosed: April 27, 2022
module
Explore
VMware vCenter Forge SAML Authentication Credentials
Disclosed: April 20, 2022
module
Explore
ManageEngine ADSelfService Plus Custom Script Execution
Disclosed: April 09, 2022
module
Explore
VMware Workspace ONE Access CVE-2022-22954
Disclosed: April 06, 2022
module
Explore
ALLMediaServer 1.6 SEH Buffer Overflow
Disclosed: April 01, 2022
module
Explore
WSO2 Arbitrary File Upload to RCE
Disclosed: April 01, 2022
module
Explore
Spring Framework Class property RCE (Spring4Shell)
Disclosed: March 31, 2022
module
Explore
Spring Cloud Function SpEL Injection
Disclosed: March 29, 2022
module
Explore
User Profile Arbitrary Junction Creation Local Privilege Elevation
Disclosed: March 17, 2022
module
Explore
Watch Queue Out of Bounds Write
Disclosed: March 14, 2022
module
Explore
GitLab GraphQL API User Enumeration
Disclosed: February 25, 2022
module
Explore
pfSense Diag Routes Web Shell Upload
Disclosed: February 23, 2022
module
Explore
Dirty Pipe Local Privilege Escalation via CVE-2022-0847
Disclosed: February 20, 2022
module
Explore
Redis Lua Sandbox Escape
Disclosed: February 18, 2022
module
Explore
Wordpress MasterStudy Admin Account Creation
Disclosed: February 18, 2022
module
Explore
CVE-2022-21999 SpoolFool Privesc
Disclosed: February 08, 2022
module
Explore
Cisco RV340 SSL VPN Unauthenticated Remote Code Execution
Disclosed: February 02, 2022
module
Explore
Microweber CMS v1.2.10 Local File Inclusion (Authenticated)
Disclosed: January 30, 2022
module
Explore