Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8069Nuclei 4187Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit600
Geutebruck instantrec Remote Command Execution
UDP Technology/Geutebrück camera devices: Buffer overflow in action parameter leading to RCE
48RIESGO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: command injection leading to RCE
58RIESGO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Authentication Bypass
65RIESGO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RIESGO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RIESGO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE
48RIESGO
abrir ↗Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing
85RIESGO
abrir ↗Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
Sage X3 AdxAdmin Exposure of Sensitive Information to an Unauthorized Actor
40RIESGO
abrir ↗Metasploit500
Netfilter x_tables Heap OOB Write Privilege Escalation
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir ↗Metasploit600
ForgeRock / OpenAM Jato Java Deserialization
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pa
100RIESGO
abrir ↗Metasploit600
Moodle SpellChecker Path Authenticated Remote Command Execution
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted s
41RIESGO
abrir ↗Metasploit600
Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution
SP Project & Document Manager <2 4.22 - Authenticated Shell Upload
30RIESGO
abrir ↗Metasploit600
elFinder Archive Command Injection
Multiple vulnerabilities leading to RCE
75RIESGO
abrir ↗Metasploit300
Wordpress Popular Posts Authenticated RCE
WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload
78RIESGO
abrir ↗Metasploit300
Print Spooler Remote DLL Injection
Windows Print Spooler Remote Code Execution Vulnerability
100RIESGO
abrir ↗Metasploit300
Print Spooler Remote DLL Injection
Windows Print Spooler Remote Code Execution Vulnerability
100RIESGO
abrir ↗Metasploit600
Polkit D-Bus Authentication Bypass
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RIESGO
abrir ↗Metasploit300
Squid Proxy Range Header DoS
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a
40RIESGO
abrir ↗Metasploit300
Squid Proxy Range Header DoS
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to
23RIESGO
abrir ↗Metasploit600
VMware vCenter Server Virtual SAN Health Check Plugin RCE
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual
100RIESGO
abrir ↗Metasploit600
ExifTool DjVu ANT Perl injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RIESGO
abrir ↗Metasploit600
IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It
50RIESGO
abrir ↗Metasploit600
Microsoft SharePoint Unsafe Control and ViewState RCE
Microsoft SharePoint Remote Code Execution Vulnerability
48RIESGO
abrir ↗Metasploit500
Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE
Linux kernel eBPF bitwise ops ALU32 bounds tracking
41RIESGO
abrir ↗Metasploit300
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
100RIESGO
abrir ↗Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir ↗Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RIESGO
abrir ↗Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir ↗Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RIESGO
abrir ↗Metasploit600
Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.