CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-04-18 Download Vulnerable Application Waiting verification   NRPE <= 2.15 - Remote Command Execution 94 multiple Dawid Golunski
2014-04-18 - Waiting verification   Sercomm TCP/32674 Backdoor Reactivation 67 hardware Synacktiv
2014-04-17 - Verified   SAP Router - Timing Attack Password Disclosure 115 hardware Core Security
2014-04-16 - Verified   MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free 166 windows metasploit
2014-04-15 - Waiting verification   Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE 85 unix Brandon Perry
2014-04-14 - Verified   MS14-012 Internet Explorer CMarkup Use-After-Free 205 windows Jean-Jamil Khalif.
2014-04-10 - Verified   Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution 282 unix metasploit

Local Exploits

Date D A V   Description Plat. Author
2014-04-15 - Waiting verification   Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution 157 android Yorick Koster
2014-04-11 - Waiting verification   Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit 222 osx Kenzley Alphonse
2014-04-10 - Verified   MS14-017 Microsoft Word RTF Object Confusion 318 windows metasploit
2014-04-08 - Verified   BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP 144 windows Deepak Rathore
2014-04-08 - Verified   WinRAR Filename Spoofing 409 windows metasploit
2014-04-04 - Verified   ibstat $PATH Privilege Escalation 272 linux metasploit
2014-03-30 Download Vulnerable Application Verified   AudioCoder 0.8.29 - Memory Corruption (SEH) 332 windows sajith

Web Applications

Date D A V   Description Plat. Author
2014-04-19 - Verified   PTCeffect 4.6 - LFI & SQL Injection Vulnerabilities 73 php walid naceri
2014-04-18 Download Vulnerable Application Waiting verification   CMSimple 4.4, 4.4.2 - Remote File Inclusion 58 php NoGe
2014-04-15 - Waiting verification   NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities 139 hardware Santhosh Kumar
2014-04-15 - Waiting verification   Xerox DocuShare - SQL Injection 114 hardware Brandon Perry
2014-04-14 - Waiting verification   Sagem Fast 3304-V2 - Authentification Bypass 130 hardware Yassin Aboukir
2014-04-14 - Verified   WordPress Theme LineNity 1.20 - Local File Inclusion 182 php felipe andrian

DoS/PoC

Date D A V   Description Plat. Author
2014-04-18 - Waiting verification   Linux group_info refcounter - Overflow Memory Corruption 65 linux Thomas Pollet
2014-04-16 Download Vulnerable Application Verified   Jzip SEH Unicode Buffer Overflow (Denial of Service) 53 windows motaz reda
2014-04-14 - Waiting verification   WhatsApp < v2.11.7 - Remote Crash 220 multiple Jaime Sánchez
2008-01-02 - Waiting verification   Asterisk 1.x - BYE Message Remote Denial of Service Vulnerability 167 multiple greyvoip
2014-04-08 - Waiting verification   MacOS X 10.9 Hard Link Memory Corruption 198 osx Maksymilian Arcie.
2014-04-05 Download Vulnerable Application Waiting verification   MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service (DOS) Vulnerability 130 windows LiquidWorm
2014-04-06 - Verified   Notepad++ DSpellCheck v1.2.12.0 - Denial of Service 242 windows sajith

Shellcode

Date D   Description Plat. Author
2013-11-04   MIPS Little Endian Reverse Shell Shellcode (Linux) 4228 hardware Jacob Holcomb
2013-10-16   Messagebox Shellcode (113 bytes) - Any Windows Version 10041 windows Giuseppe D'Amore
2013-09-23   Linux/x86 Multi-Egghunter 6004 lin_x86 Ryan Fenno
2013-07-28   Windows RT ARM Bind Shell (Port 4444) 9272 arm Matthew Graeber
2013-07-27   MIPS Little Endian Shellcode 2946 mips Jacob Holcomb
2013-05-17   Linux/x86 Reverse TCP Bind Shellcode (92 bytes) 10556 lin_x86 Russell Willis
2013-01-24   Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode 20044 windows RubberDuck

Papers

Date D   Description Author
2014-04-08 Microsoft Windows Help Systems Vulnerabilities. Eduardo Prado
2014-04-07 Whatsapp Forensic/Stealer (Android) POC Paper Mohit Sahu
2014-03-24   WinRar 4.20 - File Extension Spoofing (0Day) An7i
2014-03-20 PoC || GTFO 0x03 Rt. Revd. Dr.
2014-03-20 PoC || GTFO 0x02 Rt. Revd. Dr.
2014-03-20 PoC || GTFO 0x01 Rt. Revd. Dr.
2014-03-20 PoC || GTFO 0x00 Rt. Revd. Dr.