Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8069Nuclei 4187Metasploit 3462✓ solo verificadosrecientespopularesriesgo
19.791 exploits
Referência
CVE-2020-3243
Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data
85RIESGO
abrir ↗Referência
CVE-2022-37042
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts fi
100RIESGO
abrir ↗Referência
CVE-2019-7192
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix the
100RIESGO
abrir ↗Referência
CVE-2021-24145
Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE
60RIESGO
abrir ↗Referência
CVE-2021-24145
Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE
60RIESGO
abrir ↗Referência
CVE-2021-20837
Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movab
60RIESGO
abrir ↗Referência
CVE-2021-20837
Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movab
60RIESGO
abrir ↗Referência
CVE-2020-35729
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
60RIESGO
abrir ↗Referência
CVE-2020-35729
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
60RIESGO
abrir ↗Referência
CVE-2020-35729
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
60RIESGO
abrir ↗Referência
CVE-2017-17411
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authe
60RIESGO
abrir ↗Referência
CVE-2016-9079
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been dis
100RIESGO
abrir ↗Referência
CVE-2016-9079
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been dis
100RIESGO
abrir ↗Referência
CVE-2015-2080
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive informat
60RIESGO
abrir ↗Referência
CVE-2018-17128
A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode.
45RIESGO
abrir ↗Referência
ProFTPd - 'mod_mysql' Authentication Bypass
SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL co
45RIESGO
abrir ↗Referência
CVE-2023-5222
Viessmann Vitogate 300 Web Management Interface vitogate.cgi isValidUser hard-coded password
70RIESGO
abrir ↗Referência
CVE-2004-2466
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username
60RIESGO
abrir ↗Referência
CVE-2004-2466
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username
60RIESGO
abrir ↗Referência
CVE-2010-3653
The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrar
60RIESGO
abrir ↗Referência
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien
100RIESGO
abrir ↗Referência
CVE-2016-1542
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and U
60RIESGO
abrir ↗Referência
CVE-2016-1542
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and U
60RIESGO
abrir ↗Referência
CVE-2016-1542
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and U
60RIESGO
abrir ↗Referência
CVE-2018-7584
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer
45RIESGO
abrir ↗Referência
CVE-2018-7357
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper acc
55RIESGO
abrir ↗Referência
CVE-2018-8174
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows
93RIESGO
abrir ↗Referência
CVE-2009-0658
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitra
60RIESGO
abrir ↗Referência
Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitra
60RIESGO
abrir ↗Referência
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1
60RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.