• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Vulnerability Scanner
2024 Attack Intel Report

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 281 - 300 of 5,807 in total
GLPI htmLawed php command injection
Disclosed: January 26, 2022
module
Explore
Local Privilege Escalation in polkits pkexec
Disclosed: January 25, 2022
module
Explore
Wordpress RegistrationMagic task_ids Authenticated SQLi
Disclosed: January 23, 2022
module
Explore
Apache Couchdb Erlang RCE
Disclosed: January 21, 2022
module
Explore
TerraMaster TOS 4.2.15 or lower - RCE chain from unauthenticated to root via session crafting.
Disclosed: December 24, 2021
module
Explore
SonicWall SMA 100 Series Authenticated Command Injection
Disclosed: December 14, 2021
module
Explore
WordPress Modern Events Calendar SQLi Scanner
Disclosed: December 13, 2021
module
Explore
MobileIron Core Unauthenticated JNDI Injection RCE (via Log4Shell)
Disclosed: December 12, 2021
module
Explore
Microsoft Exchange Server ChainedSerializationBinder Deny List Typo RCE
Disclosed: December 09, 2021
module
Explore
Microsoft Exchange Server ChainedSerializationBinder RCE
Disclosed: December 09, 2021
module
Explore
Log4Shell HTTP Scanner
Disclosed: December 09, 2021
module
Explore
VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)
Disclosed: December 09, 2021
module
Explore
UniFi Network Application Unauthenticated JNDI Injection RCE (via Log4Shell)
Disclosed: December 09, 2021
module
Explore
Log4Shell HTTP Header Injection
Disclosed: December 09, 2021
module
Explore
AjaxPro Deserialization Remote Code Execution
Disclosed: December 03, 2021
module
Explore
Grafana Plugin Path Traversal
Disclosed: December 02, 2021
module
Explore
Ivanti Cloud Services Appliance (CSA) Command Injection
Disclosed: December 02, 2021
module
Explore
Wordpress Secure Copy Content Protection and Content Locking sccp_id Unauthenticated SQLi
Disclosed: November 08, 2021
module
Explore
Cisco RV Series Authentication Bypass and Command Injection
Disclosed: November 02, 2021
module
Explore
Sitecore Experience Platform (XP) PreAuth Deserialization RCE
Disclosed: November 02, 2021
module
Explore