Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8069Nuclei 4187Metasploit 3462✓ solo verificadosrecientespopularesriesgo
19.791 exploits
Referência
CVE-2015-2996
Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrar
60RIESGO
abrir ↗Referência
CVE-2018-1999002
A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framewor
45RIESGO
abrir ↗Referência
CVE-2020-10915
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.
85RIESGO
abrir ↗Referência
CVE-2022-31814
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metachar
85RIESGO
abrir ↗Referência
CVE-2019-4716
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated use
100RIESGO
abrir ↗Referência
CVE-2018-6961
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web U
100RIESGO
abrir ↗Referência
CVE-2020-14295
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead
60RIESGO
abrir ↗Referência
CVE-2020-14295
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead
60RIESGO
abrir ↗Referência
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zim
60RIESGO
abrir ↗Referência
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zim
60RIESGO
abrir ↗Referência
CVE-2022-2992
A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows
85RIESGO
abrir ↗Referência
CVE-2010-1743
SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via t
23RIESGO
abrir ↗Referência
CVE-2026-1731
Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
100RIESGO
abrir ↗Referência
CVE-2020-2038
PAN-OS: OS command injection vulnerability in the management web interface
78RIESGO
abrir ↗Referência
CVE-2020-2038
PAN-OS: OS command injection vulnerability in the management web interface
78RIESGO
abrir ↗Referência
CVE-2020-11652
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RIESGO
abrir ↗Referência
CVE-2020-11652
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RIESGO
abrir ↗Referência
CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web
60RIESGO
abrir ↗Referência
CVE-2013-3893
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 throug
100RIESGO
abrir ↗Referência
CVE-2013-1493
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and
60RIESGO
abrir ↗Referência
CVE-2014-0226
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denia
45RIESGO
abrir ↗Referência
CVE-2009-3129
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Conv
100RIESGO
abrir ↗Referência
CVE-2021-29447
WordPress Authenticated XXE attack when installation is running PHP 8
63RIESGO
abrir ↗Referência
CVE-2021-29447
WordPress Authenticated XXE attack when installation is running PHP 8
63RIESGO
abrir ↗Referência
CVE-2019-15975
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
85RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.