Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
19.791 exploits
Referência
CVE-2023-25690
Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy
70RIESGO
abrir
Referência
CVE-2014-0497
CVE-2014-0497HIGHbajo ataque
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Ma
100RIESGO
abrir
Referência
CVE-2023-2796
EventON < 2.1.2 - Unauthenticated Event Access
50RIESGO
abrir
Referência
CVE-2021-24155
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
60RIESGO
abrir
Referência
CVE-2021-24155
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
60RIESGO
abrir
Referência
CVE-2017-14493
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execu
45RIESGO
abrir
Referência
CVE-2016-10073
The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the emai
60RIESGO
abrir
Referência
CVE-2016-10073
The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the emai
60RIESGO
abrir
Referência
Bea Weblogic Apache Connector - Code Execution / Denial of Service
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10
60RIESGO
abrir
Referência
CVE-2021-25094
Tatsu < 3.3.12 - Unauthenticated RCE
60RIESGO
abrir
Referência
CVE-2021-25094
Tatsu < 3.3.12 - Unauthenticated RCE
60RIESGO
abrir
Referência
CVE-2010-2075
UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally
60RIESGO
abrir
Referência
CVE-2013-5311
Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL com
23RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2016-5195
CVE-2016-5195HIGHbajo ataque
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by lev
93RIESGO
abrir
Referência
CVE-2017-11317
CVE-2017-11317CRITICALbajo ataque
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload
100RIESGO
abrir
Referência
Sun Board 1.00.00 alpha - Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrar
45RIESGO
abrir
Referência
CVE-2015-0779
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11
60RIESGO
abrir
Referência
CVE-2016-10174
CVE-2016-10174CRITICALbajo ataque
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cg
100RIESGO
abrir
Referência
CVE-2016-10174
CVE-2016-10174CRITICALbajo ataque
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cg
100RIESGO
abrir
Referência
CVE-2019-1935
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability
85RIESGO
abrir
Referência
CVE-2019-1935
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data SCP User Default Credentials Vulnerability
85RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.