HomePentest-Tools.com Logo

Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities that can be detected with Pentest-Tools.com and the exploits that are currently available in the platform.

We detect more than 15,000 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 78 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Pentest-Tools.com Vulnerabilities
Name
CVE
Detectable with
Published
Updated
Severity
CVSSv3 score
Exploitable with Sniper
Additional details
Node.js - Remote Code ExecutionNetwork ScannerNov 2022Nov 2022

Critical

9.8Yes
WordPress - Server Side Request ForgeryNetwork ScannerNov 2022Nov 2022

Critical

9.8Yes
ManageEngine ADAudit Plus - XML External Entity InjectionNetwork ScannerOct 2022Oct 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)FortiOS, FortiProxy and FortiSwitchManager - Authentification BypassNetwork ScannerOct 2022Oct 2022

Critical

9.6Yes
Cybersecurity Infrastructure Security Agency (CISA)Microsoft Exchange - Remote Code ExecutionNetwork ScannerOct 2022Oct 2022

High

8.8No
Cybersecurity Infrastructure Security Agency (CISA)Bitbucket Server & Data Center - Remote Code ExecutionNetwork ScannerOct 2022Oct 2022

High

8.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Grafana - Authentication BypassNetwork ScannerOct 2022Oct 2022

High

7.3No
Cybersecurity Infrastructure Security Agency (CISA)Sophos XG Firewall - Authentication BypassNetwork ScannerSep 2022Sep 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)ManageEngine Password Manager Pro & PAM360 - Remote Code ExecutionNetwork ScannerSep 2022Sep 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Jenkins - Remote Code ExecutionNetwork ScannerSep 2022Sep 2022

Critical

9.9Yes
Gitlab CE/EE - Remote Code ExecutionNetwork ScannerSep 2022Sep 2022

Critical

9.9No
Cybersecurity Infrastructure Security Agency (CISA)ManageEngine ADSelfService Plus - Stored Cross-Site ScriptingNetwork ScannerAug 2022Aug 2022

Medium

6.1No
Apache - Memory CorruptionNetwork ScannerAug 2022Aug 2022

High

7.5No
Jira - Arbitrary File ReadNetwork ScannerAug 2022Aug 2022

Medium

5.3Yes
Cybersecurity Infrastructure Security Agency (CISA)Zimbra ZCS - Remote Code ExecutionNetwork ScannerAug 2022Aug 2022

Critical

9.8Yes
Jira - Arbitrary File ReadNetwork ScannerAug 2022Aug 2022

Medium

5.3Yes
VMware Workspace One - Arbitrary File ReadNetwork ScannerAug 2022Aug 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)BlueKeep - Remote Code ExecutionNetwork ScannerAug 2022Aug 2022

Critical

9.8No
Django - SQL InjectionNetwork ScannerAug 2022Aug 2022

Critical

9.8No
Jira - Arbitrary File ReadNetwork ScannerAug 2022Aug 2022

High

7.5Yes
Jira - Information DisclosureNetwork ScannerAug 2022Aug 2022

Medium

5.3Yes
Emlog - Path DisclosureNetwork ScannerAug 2022Aug 2022

High

7.5No
Cybersecurity Infrastructure Security Agency (CISA)Atlassian Confluence - Arbitrary File ReadNetwork ScannerAug 2022Aug 2022

Medium

5.3Yes
Cybersecurity Infrastructure Security Agency (CISA)Cisco ASA and Cisco FTD - Cross-Site ScriptingNetwork ScannerAug 2022Aug 2022

Medium

6.1No
Cybersecurity Infrastructure Security Agency (CISA)Atlassian Confluence - Authentication BypassNetwork ScannerAug 2022Aug 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Drupal - Remote Code ExecutionNetwork ScannerMay 2022Aug 2022

Critical

9.8Yes
Apache Tomcat Server - Open RedirectNetwork ScannerAug 2022Aug 2022

Medium

4.3No
Cybersecurity Infrastructure Security Agency (CISA)Microsoft SharePoint - Remote Code ExecutionNetwork ScannerJul 2022Jul 2022

Critical

9.8Yes
Spring - Remote Code ExecutionNetwork ScannerJul 2022Jul 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Atlassian Crowd - Remote Code ExecutionNetwork ScannerJul 2022Jul 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Kibana - Remote Code ExecutionNetwork ScannerJul 2022Jul 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)Atlassian Confluence - Remote Code ExecutionNetwork ScannerSep 2021Jul 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Pulse Secure - Local File InclusionNetwork ScannerSep 2021Jul 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)Drupal Core - Remote Code ExecutionNetwork ScannerJul 2022Jul 2022

High

8.1Yes
Cybersecurity Infrastructure Security Agency (CISA)F5 BIG-IP - Remote Code ExecutionNetwork ScannerMay 2022Jun 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Atlassian Confluence - Remote Code ExecutionNetwork ScannerJun 2022Jun 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)ZyXEL Firewall - Unauthenticated Remote Command InjectionNetwork ScannerJun 2022Jun 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Gitlab CE/EE - Remote Code ExecutionNetwork ScannerNov 2021Jun 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)Zabbix - Authentication Bypass and Remote Code ExecutionNetwork ScannerMar 2022Jun 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)DotCMS - Remote Code ExecutionNetwork ScannerJun 2022Jun 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)F5 BIG-IP - Remote Code ExecutionNetwork ScannerAug 2021May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)F5 BIG-IP - Remote Code ExecutionNetwork ScannerDec 2021May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Spring Core - Remote Code ExecutionNetwork ScannerApr 2022May 2022

Critical

9.8Yes
Grafana - Arbitrary File ReadNetwork ScannerJan 2022May 2022

High

7.5Yes
Oracle WebLogic - Local File InclusionNetwork ScannerMay 2022May 2022

High

7.5No
Jira - Authentication BypassNetwork ScannerMay 2022May 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Apache Struts - Remote Code ExecutionNetwork ScannerSep 2021May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)VMware Workspace One - Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)ManageEngine - Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Redis - Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)Magento - Remote Code ExecutionNetwork ScannerMar 2022May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)WSO2 - Unrestricted File Upload and Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

9.8Yes
Apache Struts - Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Adobe Coldfusion - Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Jira - Remote Code ExecutionNetwork ScannerMay 2022May 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Microsoft Exchange - Remote Code ExecutionNetwork ScannerMay 2021Apr 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Microsoft Exchange - ProxyLogon Backdoor WebshellsNetwork ScannerMar 2021Apr 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Spring Cloud Function - Remote Code ExecutionNetwork ScannerApr 2022Apr 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Spring Cloud Gateway - Remote Code ExecutionNetwork ScannerMar 2022Mar 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)VMware vCenter - Remote Code ExecutionNetwork ScannerSep 2021Mar 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)ManageEngine Desktop Central - Authentication Bypass and Remote Code ExecutionNetwork ScannerMar 2022Mar 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Microsoft EternalBlue - Remote Code ExecutionNetwork ScannerMar 2022Mar 2022

High

8.1Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Tomcat - Remote Code ExecutionNetwork ScannerDec 2021Mar 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)Log4j - Remote Code ExecutionNetwork ScannerDec 2021Mar 2022

Critical

10Yes
Log4j - Remote Code ExecutionNetwork ScannerMar 2022Mar 2022

Critical

9No
Apache Struts - Remote Code ExecutionNetwork ScannerMar 2022Mar 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Solr - Remote Code ExecutionNetwork ScannerDec 2021Mar 2022

Critical

10No
Cybersecurity Infrastructure Security Agency (CISA)MobileIron - Remote Code ExecutionNetwork ScannerDec 2021Mar 2022

Critical

10No
Cybersecurity Infrastructure Security Agency (CISA)Apache Flink - Remote Code ExecutionNetwork ScannerDec 2021Mar 2022

Critical

10No
Cybersecurity Infrastructure Security Agency (CISA)Apache Struts - Remote Code ExecutionNetwork ScannerDec 2021Mar 2022

Critical

10Yes
Cybersecurity Infrastructure Security Agency (CISA)VMware vCenter - Remote Code ExecutionNetwork ScannerDec 2021Feb 2022

Critical

10No
Cybersecurity Infrastructure Security Agency (CISA)Apache Druid - Remote Code ExecutionNetwork ScannerDec 2021Feb 2022

Critical

10No
Cybersecurity Infrastructure Security Agency (CISA)ManageEngine ADSelfService Plus - Remote Code ExecutionNetwork ScannerOct 2021Feb 2022

Critical

9.8Yes
Oracle Weblogic - Remote Code ExecutionNetwork ScannerFeb 2022Feb 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Struts 2 - Remote Code ExecutionNetwork ScannerFeb 2022Feb 2022

High

8.1Yes
Cybersecurity Infrastructure Security Agency (CISA)Oracle Weblogic - Path TraversalNetwork ScannerFeb 2022Feb 2022

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Oracle Weblogic - Remote Command ExecutionNetwork ScannerFeb 2022Feb 2022

High

7.2Yes
Log4j 1.x - Remote Code ExecutionNetwork ScannerJan 2022Jan 2022

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Elasticsearch - Remote Code ExecutionNetwork ScannerDec 2021Jan 2022

Critical

10No
Netgear - Admin Credentials Disclosure & Remote Code ExecutionNetwork ScannerJan 2022Jan 2022

High

8.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache MOD Proxy - Server Side Request ForgeryNetwork ScannerJan 2022Jan 2022

Critical

9No
Apache OFBiz - Remote Code ExecutionNetwork ScannerFeb 2021Dec 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Node.js Systeminformation - Command InjectionNetwork ScannerMay 2021Dec 2021

High

7.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Sophos SG UTM - Remote Code ExecutionNetwork ScannerSep 2021Dec 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Struts - Remote Code ExecutionNetwork ScannerDec 2021Dec 2021

Critical

9.8Yes
Microsoft Exchange - Reflected Cross-Site ScriptingNetwork ScannerDec 2021Dec 2021

Medium

6.5No
Apache Struts 2 - Remote Code ExecutionNetwork ScannerDec 2021Dec 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Tomcat - Remote Code ExecutionNetwork ScannerDec 2021Dec 2021

High

8.1Yes
Cybersecurity Infrastructure Security Agency (CISA)Exim - Remote Code ExecutionNetwork ScannerDec 2021Dec 2021

Critical

9.8Yes
Laravel - Remote Code ExecutionNetwork ScannerDec 2021Dec 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Tomcat Server - Local File InclusionNetwork ScannerNov 2021Nov 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Citrix ADC - Directory Traversal/Remote Code ExecutionNetwork ScannerNov 2021Nov 2021

Critical

9.8Yes
Micro Focus OBM - Authentication BypassNetwork ScannerNov 2021Nov 2021

High

8.8No
Visual Tools DVR - Remote Code ExecutionNetwork ScannerNov 2021Nov 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Server - Remote Code ExecutionNetwork ScannerNov 2021Nov 2021

Critical

9.8Yes
Node-Red - Local File InclusionNetwork ScannerOct 2021Oct 2021

High

7.5Yes
Microsoft Exchange - Reflected Cross-Site ScriptingNetwork ScannerSep 2021Oct 2021

High

8.8No
Cybersecurity Infrastructure Security Agency (CISA)Cisco ASA VPN/FTD - Arbitrary File ReadNetwork ScannerOct 2021Oct 2021

High

7.5Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Server - Arbitrary File ReadNetwork ScannerOct 2021Oct 2021

High

7.5Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Server - Remote Code ExecutionNetwork ScannerOct 2021Oct 2021

High

7.5Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Server - Arbitrary File ReadNetwork ScannerOct 2021Oct 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Apache Server - Remote Code ExecutionNetwork ScannerOct 2021Oct 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)FortiOS SSL VPN - Arbitrary File ReadNetwork ScannerAug 2021Sep 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)Azure OMI - Remote Code ExecutionNetwork ScannerSep 2021Sep 2021

Critical

9.8Yes
Cisco ASA VPN and Cisco FTD - Unauthenticated Arbitrary File DeletionNetwork ScannerSep 2021Sep 2021

Critical

9.1No
Cybersecurity Infrastructure Security Agency (CISA)VMware vCenter - Remote Code ExecutionNetwork ScannerSep 2021Sep 2021

Critical

9.8No
Cybersecurity Infrastructure Security Agency (CISA)Microsoft Exchange - Remote Code ExecutionNetwork ScannerSep 2021Sep 2021

Critical

9.8Yes
Cybersecurity Infrastructure Security Agency (CISA)VMware vCenter - Remote Code ExecutionNetwork ScannerApr 2021Sep 2021

Critical

9.8Yes
Modern Events Calendar Lite Wordpress Plugin - Unauthenticated Events ExportNetwork ScannerSep 2021Sep 2021

High

7.5No
Cybersecurity Infrastructure Security Agency (CISA)vRealize Operations Manager API - Server Side Request ForgeryNetwork ScannerSep 2021Sep 2021

High

7.5No
Citrix ADC - Reflected Code InjectionNetwork ScannerSep 2021Sep 2021

Medium

6.5Yes
Cybersecurity Infrastructure Security Agency (CISA)Citrix ADC - Arbitrary File ReadNetwork ScannerSep 2021Sep 2021

Medium

6.5Yes
Microsoft Exchange - Remote Code ExecutionNetwork ScannerMay 2021May 2021

Critical

9.8No