Vulnerability & Exploit Database

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 140,000 vulnerabilities and 3,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 4,285 in total
WordPress Total Upkeep Unauthenticated Backup Downloader
Disclosed: December 12, 2020
module
Explore
WordPress Easy WP SMTP Password Reset
Disclosed: December 06, 2020
module
Explore
PEAR Archive_Tar < 1.4.11 Arbitrary File Write
Disclosed: November 17, 2020
module
Explore
WordPress AIT CSV Import Export Unauthenticated Remote Code Execution
Disclosed: November 14, 2020
module
Explore
SaltStack Salt REST API Arbitrary Command Execution
Disclosed: November 03, 2020
module
Explore
Rapid7 Metasploit Framework msfvenom APK Template Command Injection
Disclosed: October 29, 2020
module
Explore
Pulse Secure VPN gzip RCE
Disclosed: October 26, 2020
module
Explore
WordPress Loginizer log SQLi Scanner
Disclosed: October 21, 2020
module
Explore
Oracle Solaris SunSSH PAM parse_user_name() Buffer Overflow
Disclosed: October 20, 2020
module
Explore
Oracle WebLogic Server Administration Console Handle RCE
Disclosed: October 20, 2020
module
Explore
Apache ZooKeeper Information Disclosure
Disclosed: October 14, 2020
module
Explore
Kong Gateway Admin API Remote Code Execution
Disclosed: October 13, 2020
module
Explore
Microsoft SharePoint Server-Side Include and ViewState RCE
Disclosed: October 13, 2020
module
Explore
Apache NiFi API Remote Code Execution
Disclosed: October 03, 2020
module
Explore
OpenMediaVault rpc.php Authenticated PHP Code Injection
Disclosed: September 28, 2020
module
Explore
FlexDotnetCMS Arbitrary ASP File Upload
Disclosed: September 28, 2020
module
Explore
HorizontCMS Arbitrary PHP File Upload
Disclosed: September 24, 2020
module
Explore
Apache Struts 2 Forced Multi OGNL Evaluation
Disclosed: September 14, 2020
module
Explore
MobileIron MDM Hessian-Based Java Deserialization RCE
Disclosed: September 12, 2020
module
Explore
WordPress File Manager Unauthenticated Remote Code Execution
Disclosed: September 09, 2020
module
Explore