Vulnerability & Exploit Database

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 140,000 vulnerabilities and 3,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 4,343 in total
ExifTool DjVu ANT Perl injection
Disclosed: May 24, 2021
module
Explore
Google Chrome versions before 89.0.4389.128 V8 XOR Typer Out-Of-Bounds Access RCE
Disclosed: April 13, 2021
module
Explore
Cockpit CMS NoSQLi to RCE
Disclosed: April 13, 2021
module
Explore
VMware vRealize Operations (vROps) Manager SSRF RCE
Disclosed: March 30, 2021
module
Explore
GravCMS Remote Command Execution
Disclosed: March 29, 2021
module
Explore
macOS Gatekeeper check bypass
Disclosed: March 25, 2021
module
Explore
Apache OFBiz SOAP Java Deserialization
Disclosed: March 22, 2021
module
Explore
F5 iControl REST Unauthenticated SSRF Token Generation RCE
Disclosed: March 10, 2021
module
Explore
VMware View Planner Unauthenticated Log File Upload RCE
Disclosed: March 02, 2021
module
Explore
Microsoft Exchange ProxyLogon Scanner
Disclosed: March 02, 2021
module
Explore
Microsoft Exchange ProxyLogon Collector
Disclosed: March 02, 2021
module
Explore
Microsoft Exchange ProxyLogon RCE
Disclosed: March 02, 2021
module
Explore
FortiLogger Arbitrary File Upload Exploit
Disclosed: February 26, 2021
module
Explore
SaltStack Salt API Unauthenticated RCE through wheel_async client
Disclosed: February 25, 2021
module
Explore
IGEL OS Secure VNC/Terminal Command Injection RCE
Disclosed: February 25, 2021
module
Explore
VMware vCenter Server Unauthenticated OVA File Upload RCE
Disclosed: February 23, 2021
module
Explore
Windows Server 2012 SrClient DLL hijacking
Disclosed: February 19, 2021
module
Explore
Win32k ConsoleControl Offset Confusion
Disclosed: February 10, 2021
module
Explore
Micro Focus Operations Bridge Reporter Unauthenticated Command Injection
Disclosed: February 09, 2021
module
Explore
Advantech iView Unauthenticated Remote Code Execution
Disclosed: February 09, 2021
module
Explore