header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Vulnerability Type
No results found
Elevation of Privilege (36)
Buffer Overflow (30)
Privilege Escalation (27)
Denial of Service (24)
Remote Code Execution (14)
Memory Corruption (12)
Information Disclosure (9)
Arbitrary Code Execution (8)
Local Privilege Escalation (7)
Stack Overflow (6)
UAC Bypass (6)
Uninitialized Kernel Stack Memory Disclosure (6)
Security Feature Bypass (5)
Uninitialized Memory Disclosure (5)
Kernel Stack Memory Disclosure (4)
Windows Kernel Crash (4)
Buffer Overrun (3)
Denial of Service (DoS) (3)
Heap Corruption (2)
Heap-based buffer overflow (2)
Integer Overflow (2)
Kernel Pool Memory Disclosure (2)
Memory Disclosure (2)
NULL pointer dereference (2)
Out of Band Data Vulnerability (2)
Remote Buffer Overflow (2)
Use-After-Free (2)
ACE bounds checks (1)
Application-side input validation web vulnerability (1)
Arbitrary Drive Mapping EoP (1)
Arbitrary File Modification (1)
Arbitrary Memory Overwrite (1)
Bitblt (1)
COM Structured Storage Vulnerability (1)
Composite Moniker (1)
Compressed (zipped) Folders (1)
CVE-2020-0796 (1)
Directory Traversal (1)
DLL Search Order Vulnerability (1)
DoS (1)
Double Free (1)
Double URL Encoding (1)
Drive a Medium IL cmd.exe via a Low IL process and message broadcasted (1)
EPATHOBJ local ring0 exploit (1)
Error Handling (1)
Filesystem vulnerability (1)
Heap block already freed (1)
Heap-overflow (1)
Improper object handling in the win32k.sys kernel mode driver (1)
Information Disclosure / Elevation of Privilege (1)
CWE
No results found
119 (86)
264 (38)
269 (22)
200 (18)
400 (13)
N/A (13)
Unknown (13)
20 (11)
120 (10)
94 (7)
22 (4)
284 (4)
416 (4)
665 (4)
287 (3)
825 (3)
125 (2)
362 (2)
787 (2)
120 (Buffer Copy without Checking Size of Input) (1)
123 (1)
190 (1)
276 (1)
399 (1)
415 (1)
427 (1)
476 (1)
502 (1)
611 (1)
770 (1)
78 (1)
824 (1)
843 (1)
Bypassing User Interface (1)
Integer Overflow (1)
Not Available (1)
CPE
No results found
o:microsoft:windows (113)
N/A (91)
Unknown (12)
o:microsoft:windows_2000::sp4 (4)
a:microsoft:windows (3)
o:microsoft:windows_8.1 (3)
o:microsoft:windows:7 (3)
cpe:/o:microsoft:windows_xp::sp2 (2)
cpe:2.3:o:microsoft:windows (2)
None (2)
Not mentioned (2)
o:microsoft:windows_7 (2)
o:microsoft:windows_7::sp1 (2)
o:microsoft:windows_xp (2)
cpe:/o:microsoft:windows_server:2008:r2 (1)
cpe:/o:microsoft:windows_xp::sp0 (1)
cpe:/o:microsoft:windows_xp::sp1 (1)
cpe:2.3:a:microsoft:windows:*:*:*:*:*:*:*:* (1)
cpe:2.3:o:microsoft:windows_7:::~~~x64~~ (1)
cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:* (1)
fontsub.dll (1)
microsoft:windows (1)
Not Available (1)
Not provided (1)
o:microsoft:windows_10::1703:~~~cpe:/o:microsoft:windows_10::1709: (1)
o:microsoft:windows_10:1803 and cpe:/o:microsoft:windows_10:1809 (1)
o:microsoft:windows_10:1809 (1)
o:microsoft:windows_2000 (1)
o:microsoft:windows_95 (1)
o:microsoft:windows_xp::sp2 (1)
o:microsoft:windows:10.0.17763.5458 (1)
o:microsoft:windows:8.1 (1)
Win 7 (1)
Vendor
No results found
Microsoft (300)
Cisco (1)
HP (1)
Sand Studio (1)
SunOS (1)
Windows
No results found
N/A (695)
Internet Explorer (307)
Windows (303)
Linux Kernel (183)
PHP (172)
Unknown (140)
Firefox (115)
Solaris (113)
Joomla (107)
Mac OS X (96)
Flash Player (90)
Windows XP (88)
WordPress (87)
CMS (71)
Safari (65)
Chrome (62)
FreeBSD (57)
vBulletin (57)
Windows 7 (57)
Wireshark (55)
Kernel (54)
PHP-Nuke (54)
MySQL (52)
phpBB (51)
VLC media player (50)
Windows 2000 (50)
Windows 10 (49)
MyBB (48)
IIS (46)
Winamp (45)
AIX (44)
iOS (43)
macOS (40)
Android (38)
Opera (38)
Oracle Database (38)
Tomcat (38)
Windows Media Player (38)
Invision Power Board (37)
Samba (37)
Irix (35)
PHP-Fusion (35)
Linux (33)
phpMyAdmin (33)
osCommerce (32)
RealPlayer (32)
Apache HTTP Server (31)
ProFTPD (31)
Chromium (30)
OpenEMR (30)
Version
From
No results found
N/A (35)
Windows 7 (32)
Unknown (25)
Windows 2000 (18)
Windows (8)
Windows 10 1809 (8)
Windows XP (8)
Windows 10 1709 (7)
Windows Vista (7)
Windows 95 (6)
Windows XP SP2 (6)
Microsoft Windows (5)
Microsoft Windows 2000 (5)
Windows 10 (5)
Windows 10 10586 (5)
Windows 10 1803 (5)
Windows 8 (5)
Windows 8.1 Update (5)
Windows for Workgroups 3.11 (4)
Windows NT up to and including 4.0 (4)
Windows 10 1703 (3)
Windows NT (3)
Windows Server 2003 (3)
Windows Vista SP2 (3)
8.1 (2)
Microsoft Windows 2000 Service Pack 4 (2)
Windows 10 10586/14393 (2)
Windows 10 1903 (2)
Windows 1709 (2)
Windows 2000 SP0 (2)
Windows 2000 SP4 (2)
Windows 7 SP1 (2)
Windows 98 (2)
Windows Server 2012 (2)
.NET 4.6 (1)
< 10 (1)
0.0.0.1 (1)
1 (1)
1.6 (1)
1.9.6 (1)
10 (any) (1)
11 <10.0.26100.1457 and Server 2016-2019-2022 <10.0.17763.6189 (1)
1803) (1)
5.1.2600.3099 (1)
6.0 (1)
8.0 (1)
AirDroid iOS Application (Andoird (1)
all affected RDP services (1)
All modern versions of Windows (1)
All recent versions of Windows (1)
To
No results found
Unknown (38)
N/A (36)
Windows 10 (36)
Windows 7 (8)
Windows 10 1809 (7)
Windows 10 1709 (6)
Windows Server 2008 (6)
Windows Vista (6)
Windows XP (6)
Windows XP SP2 (6)
Microsoft Windows (5)
Windows (5)
Windows 2000 (5)
Windows 8 (5)
Windows XP SP1 (5)
Not mentioned (4)
not specified (4)
SCO Open Server 5.0 (4)
Windows Server 2012 (4)
Windows 2000 SP4 (3)
Windows 2003 (3)
Windows 2008 (3)
Windows 8.1 (3)
Windows Server 2008 and 2012 (3)
8.1 (2)
8.1 Update 2 (2)
Microsoft Windows Vista (2)
Microsoft Windows XP (2)
Microsoft Windows XP SP2 (2)
Not tested 8.1 Update 2 or Windows 7 (2)
Server 2012 (2)
Server 2012 R2 (2)
Windows 7 SP1 (2)
Windows 95 (2)
Windows RT (2)
Windows Server 2003 (2)
Windows Server 2008 R2 (2)
Windows Server 2016 (2)
1.2 (1)
1.6 (1)
1.9.6 (1)
10 (any) (1)
1803) (1)
7.0 (1)
8.0 (1)
AirDroid iOS Application (Andoird (1)
all affected RDP services (1)
All recent versions of Windows (1)
All versions of Windows with the Autorun feature enabled (1)
although code looks similar on Win8+) (1)
Severity Type
No results found
HIGH (237)
MEDIUM (29)
N/A (23)
CRITICAL (12)
LOW (2)
Severity Number
No results found
7.5 (110)
7 (40)
7.8 (30)
N/A (28)
7.2 (22)
8 (20)
5.5 (19)
2 (16)
9 (14)
9.3 (10)
Exploit Author
No results found
Unknown (41)
Project Zero (28)
SecurityFocus (22)
Google Security Research (12)
Anonymous (9)
N/A (8)
hdm (6)
juan vazquez (4)
milw0rm.com (4)
Not mentioned (4)
devcode (3)
Google Project Zero (3)
jduck (3)
John Doe (3)
John Page (aka hyp3rlinx) (3)
Luigi Auriemma (3)
Preddy (3)
sinn3r (3)
b33f (2)
bwatters-r7 (2)
Eduardo Braun Prado (2)
Exploit Database (2)
Haifei Li (2)
Laurent Gaffié (2)
Marsu (2)
Mike Czumak (T_v3rn1x) (2)
mubix (2)
Nabeel Ahmed (2)
OJ Reeves (2)
prdelka (2)
Rubén Santamarta (2)
skape (2)
Tavis Ormandy (2)
Taviso (2)
ThreaT (2)
_eci (1)
.einstein. (1)
@404death (1)
@fdiskyou (1)
0vercl0k (1)
3APA3A (1)
A. Micalizzi (aka rgod) (1)
Abdelhamid Naceri (1)
Adik (1)
Agustin Azubel (1)
amaloteaux (1)
Andres Tarasco Acuña (1)
Andres Tarasco and I=F1aki Lopez (1)
Anton Cherepanov (1)
ATmaCA (1)
Platforms Tested
No results found
Windows (185)
Linux (16)
Mac (11)
Windows 7 (9)
Windows 10 (8)
Windows 2000 (7)
Windows XP (6)
Windows Vista (5)
Windows 8.1 Update (4)
Windows XP SP2 (4)
Windows 10 1809 (3)
Windows 7 32 bit (3)
8.1 (2)
Vista (2)
Windows 10 10586 (2)
Windows 10 10586/14393 (2)
Windows 10 1703 and 1709 (2)
Windows 10 1803 (2)
Windows 10 1809 (not tested earlier) (2)
Windows 2000 SP4 (2)
Windows 2000 SP4 Polish (2)
Windows 2003 (2)
Windows 7 SP1 (2)
Windows 7 SP1 (w/ exploit script run on Kali Linux) (2)
Windows 7 x64 (2)
Windows 7 x86 (2)
Windows 8 (2)
Windows NT (2)
Windows Server 2003 (2)
Windows Server 2008 (2)
Windows X64 (2)
Windows XP SP1 (2)
Windows XP Sp2 FR (2)
XP (2)
10 (any) (1)
10 v.1809 with full patches up to January 2019. both x86 and x64 architectures. (1)
2 (1)
2000 (1)
2003 (1)
2008 (1)
3 (1)
32/64-bit (1)
7 (1)
8.0 (1)
8.1 Update 2 (1)
98 (1)
although code looks similar on Win8+) (1)
and 2008 (1)
and Windows 7 SP1 (1)
Android (1)
Year
Year
No results found
Unknown (40)
2020 (30)
2016 (19)
2010 (17)
2002 (16)
2017 (16)
2007 (15)
2005 (11)
2008 (11)
2018 (11)
2003 (10)
2006 (9)
2014 (9)
2019 (9)
2004 (7)
2009 (6)
2013 (5)
2015 (5)
Not mentioned (5)
2011 (3)
2000 (2)
2024 (2)
N/A (2)
Not Specified (2)
1997 (1)
2001 (1)
2012 (1)
2021 (1)
May 14 2013 (1)
Not provided (1)

Explore all Exploits:

Windows IPv6 CVE-2024-38063 Denial-Of-Service Vulnerability

The exploit targets Windows 10, 11 <10.0.26100.1457 and Server 2016-2019-2022 <10.0.17763.6189, allowing an attacker to cause denial-of-service. By corrupting the tcpip.sys memory per batch, the attacker can disrupt the normal functioning of the system. This vulnerability is identified as CVE-2024-38063.

Windows OLE RCE Exploit MS14-060 (CVE-2014-4114) ? Sandworm

This exploit is based on the OLE Remote Code Execution vulnerability identified as MS14-060 (CVE-2014-4114). It creates a blank PowerPoint show (ppsx) file to exploit the vulnerability. The script will also create the INF file and an optional Meterpreter reverse_tcp executable with the -m switch. Alternatively, you can host your own exectuble payload. Host the INF and GIF (EXE) in an SMB share called 'share'.

Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)

This module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.

Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution

This module exploits a vulnerability in the GDI library included with Windows XP and 2003. This vulnerability uses the 'Escape' metafile function to execute arbitrary code through the SetAbortProc procedure. This module generates a random WMF record stream for each request.

Windows Task Scheduler Privilege Escalation 0day

This exploit allows an attacker to escalate their privileges on a Windows system using a 0day vulnerability in the Task Scheduler. The exploit takes advantage of a flaw in the scheduler's handling of certain scripts, allowing the attacker to execute arbitrary code with elevated privileges. The vulnerability has not been assigned a CVE identifier.

Windows SMB NTLM Authentication Weak Nonce Vulnerability

An unauthenticated remote attacker without any kind of credentials can access the SMB service under the credentials of an authorized user. Depending on the privileges of the authorized user, and the configuration of the remote system, an attacker can gain read/write access to the remote file system and execute arbitrary code by using DCE/RPC over SMB.

Microsoft Windows win32k!xxxRealDrawMenuItem() missing HBITMAP bounds checks

The win32k.sys module in Microsoft Windows 7 does not perform proper bounds checks on HBITMAP handles, which allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka a 'Windows Kernel Elevation of Privilege Vulnerability'.

Recent Exploits:

cqrsecured