CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-04-21 - Verified   Adobe Flash Player Regular Expression Heap Overflow 69 windows metasploit
2014-04-18 Download Vulnerable Application Waiting verification   NRPE <= 2.15 - Remote Command Execution 170 multiple Dawid Golunski
2014-04-18 - Waiting verification   Sercomm TCP/32674 Backdoor Reactivation 107 hardware Synacktiv
2014-04-17 - Verified   SAP Router - Timing Attack Password Disclosure 179 hardware Core Security
2014-04-16 - Verified   MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free 239 windows metasploit
2014-04-15 - Waiting verification   Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE 109 unix Brandon Perry
2014-04-14 - Verified   MS14-012 Internet Explorer CMarkup Use-After-Free 262 windows Jean-Jamil Khalif.

Local Exploits

Date D A V   Description Plat. Author
2014-04-15 - Waiting verification   Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution 231 android Yorick Koster
2014-04-11 - Waiting verification   Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit 264 osx Kenzley Alphonse
2014-04-10 - Verified   MS14-017 Microsoft Word RTF Object Confusion 380 windows metasploit
2014-04-08 - Verified   BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP 168 windows Deepak Rathore
2014-04-08 - Verified   WinRAR Filename Spoofing 475 windows metasploit
2014-04-04 - Verified   ibstat $PATH Privilege Escalation 304 linux metasploit
2014-03-30 Download Vulnerable Application Verified   AudioCoder 0.8.29 - Memory Corruption (SEH) 350 windows sajith

Web Applications

Date D A V   Description Plat. Author
2014-04-20 - Waiting verification   Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF Vulnerability 68 hardware Rakesh S
2014-04-19 - Verified   PTCeffect 4.6 - LFI & SQL Injection Vulnerabilities 121 php walid naceri
2014-04-18 Download Vulnerable Application Waiting verification   CMSimple 4.4, 4.4.2 - Remote File Inclusion 95 php NoGe
2014-04-15 - Waiting verification   NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities 190 hardware Santhosh Kumar

DoS/PoC

Date D A V   Description Plat. Author
2014-04-18 - Waiting verification   Linux group_info refcounter - Overflow Memory Corruption 99 linux Thomas Pollet
2014-04-16 Download Vulnerable Application Verified   Jzip SEH Unicode Buffer Overflow (Denial of Service) 78 windows motaz reda
2014-04-14 - Waiting verification   WhatsApp < v2.11.7 - Remote Crash 291 multiple Jaime Sánchez
2008-01-02 - Waiting verification   Asterisk 1.x - BYE Message Remote Denial of Service Vulnerability 184 multiple greyvoip
2014-04-08 - Waiting verification   MacOS X 10.9 Hard Link Memory Corruption 219 osx Maksymilian Arcie.
2014-04-05 Download Vulnerable Application Waiting verification   MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS) Vulnerability 155 windows LiquidWorm
2014-04-06 - Verified   Notepad++ DSpellCheck v1.2.12.0 - Denial of Service 288 windows sajith

Shellcode

Date D   Description Plat. Author
2013-11-04   MIPS Little Endian Reverse Shell Shellcode (Linux) 4269 hardware Jacob Holcomb
2013-10-16   Messagebox Shellcode (113 bytes) - Any Windows Version 10097 windows Giuseppe D'Amore
2013-09-23   Linux/x86 Multi-Egghunter 6035 lin_x86 Ryan Fenno
2013-07-28   Windows RT ARM Bind Shell (Port 4444) 9304 arm Matthew Graeber
2013-07-27   MIPS Little Endian Shellcode 2960 mips Jacob Holcomb
2013-05-17   Linux/x86 Reverse TCP Bind Shellcode (92 bytes) 10593 lin_x86 Russell Willis
2013-01-24   Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode 20083 windows RubberDuck

Papers

Date D   Description Author
2014-04-08 Microsoft Windows Help Systems Vulnerabilities. Eduardo Prado
2014-04-07 Whatsapp Forensic/Stealer (Android) POC Paper Mohit Sahu
2014-03-24   WinRar 4.20 - File Extension Spoofing (0Day) An7i
2014-03-20 PoC || GTFO 0x03 Rt. Revd. Dr.
2014-03-20 PoC || GTFO 0x02 Rt. Revd. Dr.
2014-03-20 PoC || GTFO 0x01 Rt. Revd. Dr.