CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2015-01-29 - Waiting verification   VSAT Sailor 900 - Remote Exploit hardware Nicholas Lemonias.
2015-01-28 - Waiting verification   ClearSCADA - Remote Authentication Bypass Exploit windows Jeremy Brown
2015-01-27 - Waiting verification   D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit hardware Todor Donev
2015-01-22 - Waiting verification   Cisco Ironport Appliances - Privilege Escalation Vulnerability hardware Glafkos Charalamb.
2015-01-20 Download Vulnerable Application Waiting verification   Bsplayer 2.68 - HTTP Response Buffer Overflow windows Fady Mohammed Osm.
2015-01-20 - Verified   ManageEngine Multiple Products Authenticated File Upload java metasploit
2015-01-19 - Waiting verification   Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution windows Praveen Darshanam

Local Exploits

Date D A V   Description Plat. Author
2015-01-30 - Waiting verification   McAfee Data Loss Prevention Endpoint - Arbitrary Write Privilege Escalation windows ParvezGHH
2015-01-29 - Waiting verification   OS X < 10.10.x - Gatekeeper bypass Vulnerability osx Amplia Security R.
2015-01-29 - Waiting verification   UniPDF 1.1 - Crash PoC (SEH overwritten) windows bonze
2015-01-29 - Waiting verification   Microsoft Windows Server 2003 SP2 - Privilege Escalation windows KoreLogic
2015-01-26 - Waiting verification   VLC Player 2.1.5 - DEP Access Violation Vulnerability windows Veysel HATAS
2015-01-26 - Waiting verification   VLC Player 2.1.5 - Write Access Violation Vulnerability windows Veysel HATAS
2015-01-26 - Waiting verification   Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP windows Parvez Anwar

Web Applications

Date D A V   Description Plat. Author
2015-01-29 - Waiting verification   ManageEngine Firewall Analyzer 8.0 - Directory Traversal/XSS Vulnerabilities hardware Sepahan TelCom IT.
2015-01-21 - Waiting verification   ArticleFR CMS 3.0.5 - Arbitrary File Upload php TranDinhTien
2015-01-22 - Waiting verification   ecommerceMajor - SQL Injection And Authentication bypass php Manish Tanwar
2015-01-22 - Waiting verification   ManageEngine ServiceDesk Plus 9.0 - User Enumeration Vulnerability jsp Muhammad Ahmed Si.
2015-01-26 - Waiting verification   Mangallam CMS - SQL Injection Web Vulnerability php Vulnerability-Lab
2015-01-26 - Waiting verification   Barracuda Networks Cloud Series - Filter Bypass Vulnerability php Vulnerability-Lab
2015-01-26 - Waiting verification   ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management Vulnerability jsp Rewterz - Researc.

DoS/PoC

Date D A V   Description Plat. Author
2015-01-29 - Verified   FreeBSD Kernel - Multiple Vulnerabilities freebsd Core Security
2015-01-21 - Waiting verification   Zhone GPON 2520 R4.0.2.566b - Crash PoC hardware Kaczinski Ramirez
2015-01-26 - Verified   Android WiFi-Direct Denial of Service android Core Security
2015-01-21 - Verified   Crystal Player 1.99 - Memory Corruption Vulnerability windows Kapil Soni
2015-01-22 Download Vulnerable Application Waiting verification   Exif Pilot 4.7.2 - SEH Based Buffer Overflow windows Osanda M. Jayathi.
2015-01-20 Download Vulnerable Application Waiting verification   MalwareBytes Anti-Exploit 1.03.1.1220, 1.04.1.1012 Out-of-bounds Read DoS windows Parvez Anwar
2015-01-20 - Verified   OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference osx Google Security R.

Shellcode

Date D   Description Plat. Author
2015-01-13   Obfuscated Shellcode Windows x86 - [1218 Bytes] Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service win32 Ali Razmjoo
2015-01-13   Obfuscated Shellcode Windows x64 - [1218 Bytes] Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service win64 Ali Razmjoo
2014-12-11   Linux x86 rmdir - 37 bytes Stack shellcode linux kw4
2014-12-22   x64 Linux bind TCP port shellcode (81 bytes, 96 with password) lin_x86-64 Sean Dillon
2014-12-22   x64 Linux reverse TCP connect shellcode (77 to 85 bytes, 90 to 98 with password) lin_x86-64 Sean Dillon
2014-11-10   Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes) linux Breaking.Technolo.
2014-09-25   Linux/x86 Add map in /etc/hosts file lin_x86 Javier Tejedor

Papers

Date D   Description Author
2015-01-30 Ghost Vulnerability CVE-2015-0235 White Paper Rajivarnan
2015-01-29 Analysis of CVE-2014-4113 (Windows Privilege Escalation Vulnerability) Ronnie Johndas
2015-01-01 [Hebrew] Digital Whisper Security Magazine #57 cp77fk4r & UnderW.
2014-12-29   Anatomy of Exploit - World of Shellcode Flor Ian
2014-12-15   Backdooring with netcat shellcode Flor Ian
2014-12-15 Socket Learning Flor Ian
2014-12-15 [Turkish] Codesys SEH Exploit Tutorial Paper Bekir Karul