Is there a firmware exploit database? If you know of any, please leave a Comment to this blog!
The Debian project just started collecting a list of public exploits that can be used for jailbreaking locked-down devices:
https://wiki.debian.org/Exploits
The UEFI Forum maintains a list of EDK2 exploits, but those are over a year old, nothing recent, and they don’t cover OEM-centric variations.
https://github.com/tianocore/tianocore.github.io/wiki/Security
https://sourceforge.net/projects/edk2/files/Security_Advisory/
The Exploit Database is pretty large, but not firmware-centric. However, many of the app exploits that get root on a device often count as firmware exploits.
https://www.exploit-db.com/
https://twitter.com/exploitdb/with_replies
Firmware Security 