Vulnerability & Exploit Database

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 5,696 in total
Gibbon School Platform Authenticated PHP Deserialization Vulnerability
Disclosed: March 18, 2024
module
Explore
Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Disclosed: March 05, 2024
module
Explore
JetBrains TeamCity Unauthenticated Remote Code Execution
Disclosed: March 04, 2024
module
Explore
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
Disclosed: February 19, 2024
module
Explore
Unauthenticated RCE in Bricks Builder Theme
Disclosed: February 19, 2024
module
Explore
QNAP QTS and QuTS Hero Unauthenticated Remote Code Execution in quick.cgi
Disclosed: February 13, 2024
module
Explore
Rancher Audit Log Sensitive Information Leak
Disclosed: February 08, 2024
module
Explore
runc (docker) File Descriptor Leak Privilege Escalation
Disclosed: January 31, 2024
module
Explore
Ivanti Connect Secure Unauthenticated Remote Code Execution
Disclosed: January 31, 2024
module
Explore
GitLab Tags RSS feed email disclosure
Disclosed: January 25, 2024
module
Explore
Jenkins cli Ampersand Replacement Arbitrary File Read
Disclosed: January 24, 2024
module
Explore
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
Disclosed: January 22, 2024
module
Explore
Atlassian Confluence SSTI Injection
Disclosed: January 16, 2024
module
Explore
GitLab Password Reset Account Takeover
Disclosed: January 11, 2024
module
Explore
Ivanti Connect Secure Unauthenticated Remote Code Execution
Disclosed: January 10, 2024
module
Explore
Cacti RCE via SQLi in pollers.php
Disclosed: December 20, 2023
module
Explore
MajorDoMo Command Injection
Disclosed: December 15, 2023
module
Explore
WordPress Backup Migration Plugin PHP Filter Chain RCE
Disclosed: December 11, 2023
module
Explore
GL.iNet Unauthenticated Remote Command Execution via the logread module.
Disclosed: December 10, 2023
module
Explore
Splunk Authenticated XSLT Upload RCE
Disclosed: November 28, 2023
module
Explore