Resources

Vulnerability & Exploit Database

This is the list of vulnerabilities you can detect with Pentest-Tools.com and the exploits currently available in the platform.

We detect more than 15.773 vulnerabilities with multiple tools (Network Scanner, Website Scanner, Wordpress Scanner, and more) and we also have 170 exploit modules in Sniper to validate the risk level of critical CVEs.

Display

Displaying 1 - 25 results out of 15.773

Pentest-Tools.com Vulnerabilities
Name	Detectable with	Detection added	Severity	Exploitable with Sniper
74CMS - Remote File Inclusion CVE-2020-29279	Network Scanner	Oct 14, 2025	Critical(9.8)	No
KACE Systems Management Appliance - Installer	Network Scanner	Oct 14, 2025	N/A	No
VMware vRealize Log Insight < v8.10.2 - Information Disclosure CVE-2022-31711	Network Scanner	Oct 14, 2025	Medium(5.3)	No
Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure CVE-2017-20194	Network Scanner	Oct 14, 2025	Medium(5.3)	No
Kramer VIAware - Privilege Escalation and Remote Code Execution CVE-2021-35064	Network Scanner	Oct 13, 2025	Critical(9.8)	No
Odoo Apps - Cross-Site Scripting via Prototype Pollution CVE-2021-20086	Network Scanner	Oct 13, 2025	High(8.8)	No
Traccar(Windows) 6.1- 6.8.1 - Local File Inclusion CVE-2025-61666	Network Scanner	Oct 13, 2025	N/A	No
Microsoft Exchange - Authentication Bypass CVE-2021-33766	Network Scanner	Oct 13, 2025	High(7.3)	No
Mitel MiCollab <= 9.8.0.33 - SQL Injection CVE-2024-35286	Network Scanner	Oct 13, 2025	Critical(9.8)	No
Vite Dev Server - Path Traversal CVE-2025-58751	Network Scanner	Oct 13, 2025	Medium(5.3)	No
Zimbra Collaboration Suite < 8.8.15 - Improper Encoding CVE-2022-24682	Network Scanner	Oct 13, 2025	Medium(6.1)	No
IBM Data Risk Manager - Authentication Bypass via SAML CVE-2020-4427	Network Scanner	Oct 13, 2025	Critical(9.8)	No
Cisco vManage (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	No
PrestaShop - SQL Injection to Eval Injection CVE-2022-31181	Network Scanner	Oct 12, 2025	Critical(9.8)	No
Metabase - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	No
JamF (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	No
Redis < 8.2.1 Lua Long-String Delimiter - Out-of-Bounds Read CVE-2025-46819	Network Scanner	Oct 12, 2025	Medium(6.3)	No
Redis < 8.2.1 lua script - Integer Overflow CVE-2025-46817	Network Scanner	Oct 12, 2025	High(7)	No
Elastic Cloud API Key	Network Scanner	Oct 12, 2025	N/A	No
VMware Operations Manager - Remote Code Execution (Apache Log4j) CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	No
Canon Devices - Authentication Bypass in Catwalk Server CVE-2021-38154	Network Scanner	Oct 12, 2025	High(7.5)	No
Kaseya VSA < 9.5.7 - Arbitrary File Upload to Remote Code Execution CVE-2021-30118	Network Scanner	Oct 12, 2025	Critical(9.8)	No
Redis Lua Sandbox < 8.2.2 - Cross-User Escape CVE-2025-46818	Network Scanner	Oct 12, 2025	Medium(6)	No
Ivanti MobileIron (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	No
Seeyon OA (Log4j) - Remote Code Execution CVE-2021-44228	Network Scanner	Oct 12, 2025	Critical(10)	No