combined exploit-db.com and osvdb.org unofficial mirror
Infinite exploit source




Remote Exploits
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow Hans Jerry Illikainen 2016-04-28 php
Advantech WebAccess Dashboard Viewer Arbitrary File Upload metasploit 2016-04-26 windows
libgd 2.1.1 - Signedness Heap Overflow Hans Jerry Illikainen 2016-04-26 linux
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF) Jonathan Smith 2016-04-25 win32
Novell ServiceDesk Authenticated File Upload metasploit 2016-04-18 multiple
Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Ashfaq Ansari 2016-04-14 windows
Dell KACE K1000 File Upload metasploit 2016-04-13 unix
Easy File Sharing HTTP Server 7.2 SEH Overflow metasploit 2016-04-05 windows
PCMAN FTP Server Buffer Overflow - PUT Command metasploit 2016-04-05 windows
PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit Andrew Kramer 2016-04-01 multiple

Local Exploits
Mach Race OS X Local Privilege Escalation Exploit fG! 2016-04-27 osx
Yasr Screen Reader 0.6.9 - Local Buffer Overflow Juan Sacco 2016-04-26 linux
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation Information Paradox 2016-04-25 windows
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (Powershell) b33f 2016-04-21 windows
Exim _perl_startup_ Privilege Escalation metasploit 2016-04-15 linux
Texas Instrument Emulator 3.03 - Local Buffer Overflow Juan Sacco 2016-04-13 linux
CAM UnZip 5.1 - Archive Path Traversal hyp3rlinx 2016-04-11 windows
Express Zip <= 2.40 - Path Traversal R-73eN 2016-04-08 windows
Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation Piotr Bania 2016-04-08 osx
Mess Emulator 0.154-3.1 - Local Buffer Overflow Juan Sacco 2016-04-07 linux

Web Application Exploits
Observium 0.16.7533 - Cross Site Request Forgery Dolev Farhi 2016-04-29 php
Observium 0.16.7533 - Authenticated Arbitrary Command Execution Dolev Farhi 2016-04-29 php
Merit Lilin IP Cameras - Multiple Vulnerabilities Orwelllabs 2016-04-29 cgi
GLPi 0.90.2 - SQL Injection High-Tech Bridge SA 2016-04-29 php
EMC ViPR SRM - Cross-Site Request Forgery Han Sahin 2016-04-27 multiple
Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass Milad Doorbash 2016-04-27 hardware
ImpressCMS 1.3.9 - SQL Injection Manuel García Cárdenas 2016-04-26 php
Totemomail 4.x and 5.x - Persistent XSS Vulnerability-Lab 2016-04-25 jsp
C/C++ Offline Compiler and C For OS - Persistent XSS Vulnerability-Lab 2016-04-25 ios
Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF) Federico Scalco 2016-04-25 hardware

DoS/PoC Exploits
Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash David Silveiro 2016-04-29 linux
Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow Google Security Research 2016-04-29 multiple
Wireshark - alloc_address_wmem Assertion Failure Google Security Research 2016-04-29 multiple
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read Google Security Research 2016-04-29 multiple
Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Google Security Research 2016-04-28 windows
Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048) Google Security Research 2016-04-27 windows
Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC David Silveiro 2016-04-25 linux
Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039) Nils Sommer 2016-04-20 win64
Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow Google Security Research 2016-04-20 windows
TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials DLY 2016-04-18 hardware

Shellcode
Linux x64 - Bind Shell Shellcode Generator Ajith Kp 2016-04-25 lin_x86-64
Linux x86 Reverse TCP Shellcode (ipv6) Roziul Hasan Khan Shifat 2016-04-25 lin_x86
Linux/x86_64 - bindshell (Port 5600) - 86 bytes Ajith Kp 2016-04-21 lin_x86-64
Linux/x86_64 - Read /etc/passwd - 65 bytes Ajith Kp 2016-04-15 lin_x86-64
Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes Ajith Kp 2016-04-11 lin_x86-64
Linux/x86_x64 - execve(/bin/sh) - 25 bytes Ajith Kp 2016-03-28 lin_x86-64
Linux/x86_x64 - execve(/bin/bash) - 33 bytes Ajith Kp 2016-03-28 lin_x86-64
Linux/x86_x64 - execve(/bin/sh) - 26 bytes Ajith Kp 2016-03-24 lin_x86-64
x86 Windows Null-Free Download & Run via WebDAV Shellcode (96 bytes) Sean Dillon 2016-03-02 win32
Linux/ARM - Connect back to {ip:port} with /bin/sh - 95 bytes Xeon 2016-02-26 arm