A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 101 - 120 of 5,808 in total
Progress Software WS_FTP Unauthenticated Remote Code Execution
Disclosed: September 27, 2023
module
Explore
Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.
Disclosed: September 27, 2023
module
Explore
JetBrains TeamCity Unauthenticated Remote Code Execution
Disclosed: September 19, 2023
module
Explore
Craft CMS unauthenticated Remote Code Execution (RCE)
Disclosed: September 13, 2023
module
Explore
Themebleed- Windows 11 Themes Arbitrary Code Execution CVE-2023-38146
Disclosed: September 13, 2023
module
Explore
Apache Superset Signed Cookie RCE
Disclosed: September 06, 2023
module
Explore
VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
Disclosed: August 29, 2023
module
Explore
LG Simple Editor Remote Code Execution
Disclosed: August 24, 2023
module
Explore
WinRAR CVE-2023-38831 Exploit
Disclosed: August 23, 2023
module
Explore
Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035)
Disclosed: August 21, 2023
module
Explore
Junos OS PHPRC Environment Variable Manipulation RCE
Disclosed: August 17, 2023
module
Explore
Ivanti Avalanche MDM Buffer Overflow
Disclosed: August 14, 2023
module
Explore
PRTG CVE-2023-32781 Authenticated RCE
Disclosed: August 09, 2023
module
Explore
CrushFTP Unauthenticated RCE
Disclosed: August 08, 2023
module
Explore
LG Simple Editor Command Injection (CVE-2023-40504)
Disclosed: August 04, 2023
module
Explore
RaspAP Unauthenticated Command Injection
Disclosed: July 31, 2023
module
Explore
Maltrail Unauthenticated Command Injection
Disclosed: July 31, 2023
module
Explore
Greenshot .NET Deserialization Fileformat Exploit
Disclosed: July 26, 2023
module
Explore
Metabase Setup Token RCE
Disclosed: July 22, 2023
module
Explore
Citrix ADC (NetScaler) Forms SSO Target RCE
Disclosed: July 18, 2023
module
Explore