Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.761 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 170 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.761

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	CVSSv3	EPSS Score	EPSS Percentile	Exploitable with Sniper
VMware HCX - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Elastic Cloud API Key	Network Scanner	Oct 12, 2025	High	N/A	N/A	No
VMware NSX - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Rundeck - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Redis < 8.2.1 lua script - Integer Overflow CVE-2025-46817	Network Scanner	Oct 12, 2025	Critical(7)	0.01	0.35	No
Metabase - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Prestashop posstaticfooter <= 1.0.0 - SQL Injection CVE-2023-30194	Network Scanner	Oct 12, 2025	Critical(9.8)	0.04	0.88	No
Oracle WebLogic Server - Unauthorized Access CVE-2023-21839	Network Scanner	Oct 12, 2025	High(7.5)	0.94	1	No
VMware VCenter - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Kaseya VSA < 9.5.7 - Arbitrary File Upload to Remote Code Execution CVE-2021-30118	Network Scanner	Oct 12, 2025	Critical(9.8)	0.02	0.83	No
Redis < 8.2.1 Lua Long-String Delimiter - Out-of-Bounds Read CVE-2025-46819	Network Scanner	Oct 12, 2025	High(6.3)	0.01	0.01	No
JamF (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
PrestaShop - SQL Injection to Eval Injection CVE-2022-31181	Network Scanner	Oct 12, 2025	Critical(9.8)	0.14	0.94	No
Cisco vManage (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
OpenNMS - JNDI Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
VMware Horizon - JNDI Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Graylog (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Cisco Unified Communications - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Citrix XenMobile Server - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Seeyon OA (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Canon Devices - Authentication Bypass in Catwalk Server CVE-2021-38154	Network Scanner	Oct 12, 2025	High(7.5)	0.01	0.72	No
VMware Operations Manager - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Redis Lua Sandbox < 8.2.2 - Cross-User Escape CVE-2025-46818	Network Scanner	Oct 12, 2025	High(6)	0.01	0.02	No
Ivanti MobileIron (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	0.95	1	No
Redis Lua Parser < 8.2.2 - Use After Free CVE-2025-49844	Network Scanner	Oct 12, 2025	Critical(9.9)	0.01	0.3	No

Vulnerability & Exploit Database

One of EMEA's fastest-growing tech companies.

48,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove