Vulnerability & Exploit Database

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 4,966 in total
F5 BIG-IP iControl Authenticated RCE via RPM Creator
Disclosed: November 16, 2022
module
Explore
F5 BIG-IP iControl CSRF File Write SOAP API
Disclosed: November 16, 2022
module
Explore
VMware NSX Manager XStream unauthenticated RCE
Disclosed: October 25, 2022
module
Explore
Zimbra sudo + postfix privilege escalation
Disclosed: October 13, 2022
module
Explore
Fortinet FortiOS, FortiProxy, and FortiSwitchManager authentication bypass.
Disclosed: October 10, 2022
module
Explore
Microsoft Exchange ProxyNotShell RCE
Disclosed: September 28, 2022
module
Explore
Mobile Mouse RCE
Disclosed: September 20, 2022
module
Explore
Remote Control Collection RCE
Disclosed: September 20, 2022
module
Explore
Ubuntu Enlightenment Mount Priv Esc
Disclosed: September 13, 2022
module
Explore
pfSense plugin pfBlockerNG unauthenticated RCE as root
Disclosed: September 05, 2022
module
Explore
Bitbucket Git Command Injection
Disclosed: August 24, 2022
module
Explore
FLIR AX8 unauthenticated RCE
Disclosed: August 19, 2022
module
Explore
Delinea Thycotic Secret Server Dump
Disclosed: August 15, 2022
module
Explore
VMware Workspace ONE Access CVE-2022-31660
Disclosed: August 02, 2022
module
Explore
Webmin Package Updates RCE
Disclosed: July 26, 2022
module
Explore
Apache Spark Unauthenticated Command Injection RCE
Disclosed: July 18, 2022
module
Explore
Roxy-WI Prior to 6.1.1.0 Unauthenticated Command Injection RCE
Disclosed: July 06, 2022
module
Explore
ManageEngine ADAudit Plus CVE-2022-28219
Disclosed: June 29, 2022
module
Explore
TAR Path Traversal in Zimbra (CVE-2022-41352)
Disclosed: June 28, 2022
module
Explore
Advantech iView NetworkServlet Command Injection
Disclosed: June 28, 2022
module
Explore