Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8069Nuclei 4188Metasploit 3462✓ solo verificadosrecientespopularesriesgo
8069 exploits
VulnCheck XDB
local
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RIESGO
abrir ↗VulnCheck XDB
denial-of-service
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside
76RIESGO
abrir ↗VulnCheck XDB
initial-access
MaxSite CMS MarkItUp Preview AJAX Endpoint preview-ajax.php eval code injection
33RIESGO
abrir ↗VulnCheck XDB
initial-access
Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root
53RIESGO
abrir ↗VulnCheck XDB
local
runc container breakout through process.cwd trickery and leaked fds
61RIESGO
abrir ↗VulnCheck XDB
client-side
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
remote-with-credentials
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with a
100RIESGO
abrir ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir ↗VulnCheck XDB
initial-access
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF
90RIESGO
abrir ↗VulnCheck XDB
info-leak
wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection
56RIESGO
abrir ↗VulnCheck XDB
remote-with-credentials
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RIESGO
abrir ↗VulnCheck XDB
local
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
100RIESGO
abrir ↗VulnCheck XDB
initial-access
MajorDoMo Unauthenticated Remote Code Execution via Admin Console Eval
63RIESGO
abrir ↗VulnCheck XDB
initial-access
WordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerability
68RIESGO
abrir ↗VulnCheck XDB
initial-access
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RIESGO
abrir ↗VulnCheck XDB
client-side
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
100RIESGO
abrir ↗VulnCheck XDB
initial-access
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RIESGO
abrir ↗VulnCheck XDB
info-leak
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenti
60RIESGO
abrir ↗VulnCheck XDB
remote-with-credentials
FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnera
48RIESGO
abrir ↗VulnCheck XDB
local
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RIESGO
abrir ↗VulnCheck XDB
local
Windows Common Log File System Driver Elevation of Privilege Vulnerability
46RIESGO
abrir ↗VulnCheck XDB
initial-access
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RIESGO
abrir ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RIESGO
abrir ↗VulnCheck XDB
remote-with-credentials
Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload
75RIESGO
abrir ↗VulnCheck XDB
remote-with-credentials
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary com
85RIESGO
abrir ↗VulnCheck XDB
initial-access
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RIESGO
abrir ↗VulnCheck XDB
local
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
85RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.