• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Vulnerability Scanner
2024 Attack Intel Report

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 5,831 in total
WordPress WP Time Capsule Arbitrary File Upload to RCE
Disclosed: November 15, 2024
module
Explore
WordPress Really Simple SSL Plugin Authentication Bypass to RCE
Disclosed: November 14, 2024
module
Explore
Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
Disclosed: October 28, 2024
module
Explore
CyberPanel Multi CVE Pre-auth RCE
Disclosed: October 27, 2024
module
Explore
Fortinet FortiManager Unauthenticated RCE
Disclosed: October 23, 2024
module
Explore
Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)
Disclosed: October 09, 2024
module
Explore
Ivanti Connect Secure Authenticated Remote Code Execution via OpenSSL CRLF Injection
Disclosed: October 08, 2024
module
Explore
CUPS IPP Attributes LAN Remote Code Execution
Disclosed: September 26, 2024
module
Explore
WordPress TI WooCommerce Wishlist SQL Injection (CVE-2024-43917)
Disclosed: September 25, 2024
module
Explore
WordPress LearnPress Unauthenticated SQLi (CVE-2024-8522, CVE-2024-8529)
Disclosed: September 11, 2024
module
Explore
Vicidial SQL Injection Time-based Admin Credentials Enumeration
Disclosed: September 10, 2024
module
Explore
VICIdial Authenticated Remote Code Execution
Disclosed: September 10, 2024
module
Explore
SPIP BigUp Plugin Unauthenticated RCE
Disclosed: September 06, 2024
module
Explore
Wordpress LiteSpeed Cache plugin cookie theft
Disclosed: September 04, 2024
module
Explore
WhatsUp Gold SQL Injection (CVE-2024-6670)
Disclosed: August 29, 2024
module
Explore
Moodle Remote Code Execution (CVE-2024-43425)
Disclosed: August 27, 2024
module
Explore
GiveWP Unauthenticated Donation Process Exploit
Disclosed: August 25, 2024
module
Explore
Traccar v5 Remote Code Execution (CVE-2024-31214 and CVE-2024-24809)
Disclosed: August 23, 2024
module
Explore
SolarWinds Web Help Desk Backdoor (CVE-2024-28987)
Disclosed: August 22, 2024
module
Explore
SPIP Unauthenticated RCE via porte_plume Plugin
Disclosed: August 16, 2024
module
Explore