CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-07-24 Download Vulnerable Application Waiting verification   Omeka 2.2.1 - Remote Code Execution Exploit php LiquidWorm
2014-07-14 Download Vulnerable Application Verified   Kolibri WebServer 2.0 - GET Request SEH Exploit windows Revin Hadi Saputr.
2014-07-10 Download Vulnerable Application Waiting verification   OpenVAS Manager 4.0 - Authentication Bypass Vulnerability PoC linux EccE
2014-07-21 - Verified   IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities php Alejandro Alvarez.
2014-07-16 - Waiting verification   Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability android c0otlass
2014-07-14 - Verified   D-Link info.cgi POST Request Buffer Overflow hardware metasploit
2014-07-14 - Verified   D-Link HNAP Request Remote Buffer Overflow hardware metasploit

Local Exploits

Date D A V   Description Plat. Author
2014-07-19 - Waiting verification   Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation windows KoreLogic
2014-07-21 - Waiting verification   Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation windows KoreLogic
2014-07-21 - Waiting verification   Linux Kernel ptrace/sysret - Local Privilege Escalation lin_amd64 Vitaly Nikolenko
2014-07-12 - Waiting verification   OpenVPN Private Tunnel Core Service - Unquoted Service Path Elevation Of Privilege win32 LiquidWorm
2014-07-03 - Verified   Ubisoft Uplay 4.6 - Insecure File Permissions Local Privilege Escalation windows LiquidWorm
2014-06-28 Download Vulnerable Application Verified   chkrootkit 0.49 - Local Root Vulnerability linux Thomas Stangner

Web Applications

Date D A V   Description Plat. Author
2014-07-24 - Waiting verification   Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities php Claudio Viviani
2014-07-24 - Waiting verification   Lian Li NAS - Multiple Vulnerabilities hardware pws
2014-07-23 - Waiting verification   Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability multiple Vulnerability-Lab
2014-07-23 - Waiting verification   NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure vulnerability hardware Dolev Farhi
2014-07-12 - Waiting verification   Aerohive HiveOS 5.1r5 - 6.1r5 - Multiple Vulnerabilities php DearBytes

DoS/PoC

Date D A V   Description Plat. Author
2014-07-24 Download Vulnerable Application Waiting verification   BulletProof FTP Client 2010 - Buffer Overflow (SEH) windows Gabor Seljan
2014-07-24 - Verified   Make 3.81 - Heap Overflow PoC linux HyP
2014-07-22 Download Vulnerable Application Waiting verification   DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation windows drone
2014-07-21 - Waiting verification   World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow windows Alireza Chegini
2014-07-21 - Waiting verification   Apache 2.4.7 mod_status Scoreboard Handling Race Condition linux Marek Kroemeke
2014-07-18 Download Vulnerable Application Waiting verification   ACME micro_httpd - Denial of Service linux Yuval tisf Nativ
2014-07-16 Download Vulnerable Application Waiting verification   Node Browserify 4.2.0 - Remote Code Execution Vulnerability multiple Cal Leeming

Shellcode

Date D   Description Plat. Author
2014-06-22   Windows All Versions - Add Admin User Shellcode (194 bytes) windows Giuseppe D'Amore
2014-07-14   Socket Re-use Shellcode for Linux x86 (50 bytes) lin_x86 ZadYree
2013-11-04   MIPS Little Endian Reverse Shell Shellcode (Linux) hardware Jacob Holcomb
2013-10-16   Messagebox Shellcode (113 bytes) - Any Windows Version windows Giuseppe D'Amore
2013-09-23   Linux/x86 Multi-Egghunter lin_x86 Ryan Fenno
2013-07-28   Windows RT ARM Bind Shell (Port 4444) arm Matthew Graeber
2013-07-27   MIPS Little Endian Shellcode mips Jacob Holcomb

Papers

Date D   Description Author
2014-07-02 [Hebrew] Digital Whisper Security Magazine #52 cp77fk4r & UnderW.
2014-06-30   Back To The Future: Unix Wildcards Gone Wild Leon Juranic
2014-06-29   Asterisk Phreaking How-To Akra Macha
2014-06-30 The Ultimate XSS Protection Cheat Sheet for Developers Ajin Abraham
2014-06-28 PoC || GTFO 0x04 Rt. Revd. Dr.
2014-06-25 Hacking Blind Andrea Bittau
2014-06-24 Searching SHODAN For Fun And Profit Sajal Verma