Blog
Nov 16, 2009
Offensive Security Exploit Archive Online
Offensive Security Exploit Database, as well as Vulnerable applications is now Online
OffSec Team
1 min read
After a short and intense setup, we are ready to present the Offsec Exploit Archive. We’ve recreated the milw0rm database, updated it and are now accepting submissions. The purpose of the site is to provide researchers and security enthusiasts a repository of exploits, and when possible, the relevant affected software. We’ve started the party by posting a few new exploits of our own – namely a Novell eDirectory 8.8 SP5 iConsole Buffer overflow exploit and a HP Power Manager Administration Universal Buffer Overflow Exploit.
You can visit the archive here: https://www.exploit-db.com/
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec
Research & Tutorials
CVE-2024-2928: MLflow Local File Inclusion via URI Fragment Manipulation
Read about an LFI vulnerability disclosed in MLflow which allowed unauthenticated remote attackers to read arbitrary files by exploiting URI fragments containing directory traversal sequences.
May 15, 2025
3 min read
Research & Tutorials
CVE-2025-23211: Tandoor Recipes Jinja2 SSTI to Remote Code Execution
A critical SSTI vulnerability was discovered in the open-source meal planning application Tandoor Recipes leading to a full system compromise.
May 8, 2025
2 min read
Research & Tutorials
CVE-2025-29927: Next.js Middleware Authorization Bypass
In this CVE blog, we explore a vulnerability in Next.js stemming from the improper trust of the x-middleware-subrequest header.
May 1, 2025
3 min read