A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. These vulnerabilities are utilized by our vulnerability management tool InsightVM. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 01 - 20 of 5,807 in total
Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
Disclosed: 10月 28, 2024
module
Explore
Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)
Disclosed: 10月 09, 2024
module
Explore
WordPress TI WooCommerce Wishlist SQL Injection (CVE-2024-43917)
Disclosed: 9月 25, 2024
module
Explore
WordPress LearnPress Unauthenticated SQLi (CVE-2024-8522, CVE-2024-8529)
Disclosed: 9月 11, 2024
module
Explore
Vicidial SQL Injection Time-based Admin Credentials Enumeration
Disclosed: 9月 10, 2024
module
Explore
VICIdial Authenticated Remote Code Execution
Disclosed: 9月 10, 2024
module
Explore
SPIP BigUp Plugin Unauthenticated RCE
Disclosed: 9月 06, 2024
module
Explore
Wordpress LiteSpeed Cache plugin cookie theft
Disclosed: 9月 04, 2024
module
Explore
WhatsUp Gold SQL Injection (CVE-2024-6670)
Disclosed: 8月 29, 2024
module
Explore
GiveWP Unauthenticated Donation Process Exploit
Disclosed: 8月 25, 2024
module
Explore
Traccar v5 Remote Code Execution (CVE-2024-31214 and CVE-2024-24809)
Disclosed: 8月 23, 2024
module
Explore
SolarWinds Web Help Desk Backdoor (CVE-2024-28987)
Disclosed: 8月 22, 2024
module
Explore
SPIP Unauthenticated RCE via porte_plume Plugin
Disclosed: 8月 16, 2024
module
Explore
BYOB Unauthenticated RCE via Arbitrary File Write and Command Injection (CVE-2024-45256, CVE-2024-45257)
Disclosed: 8月 15, 2024
module
Explore
Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593)
Disclosed: 8月 05, 2024
module
Explore
Calibre Python Code Injection (CVE-2024-6782)
Disclosed: 7月 31, 2024
module
Explore
CosmicSting: Magento Arbitrary File Read (CVE-2024-34102) + PHP Buffer Overflow in the iconv() function of glibc (CVE-2024-2961)
Disclosed: 7月 26, 2024
module
Explore
Acronis Cyber Infrastructure default password remote code execution
Disclosed: 7月 24, 2024
module
Explore
Cisco Smart Software Manager (SSM) On-Prem Account Takeover (CVE-2024-20419)
Disclosed: 7月 20, 2024
module
Explore
ProjectSend r1295 - r1605 Unauthenticated Remote Code Execution
Disclosed: 7月 19, 2024
module
Explore