Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8069Nuclei 4188Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit500
SMB DOUBLEPULSAR Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit500
SMB DOUBLEPULSAR Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit600
Microsoft Office Word Malicious Hta Execution
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Window
100RIESGO
abrir ↗Metasploit600
Juju-run Agent Privilege Escalation
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate pe
50RIESGO
abrir ↗Metasploit600
Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution
A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in
40RIESGO
abrir ↗Metasploit600
Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution
On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows
40RIESGO
abrir ↗Metasploit300
Quest Privilege Manager pmmasterd Buffer Overflow
Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full
50RIESGO
abrir ↗Metasploit300
Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability
A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataL
23RIESGO
abrir ↗Metasploit400
MediaWiki SyntaxHighlight extension option injection vulnerability
Parameters injection in SyntaxHighlight results in multiple vulnerabilities
23RIESGO
abrir ↗Metasploit300
TYPO3 News Module SQL Injection
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated
30RIESGO
abrir ↗Metasploit300
HP Jetdirect Path Traversal Arbitrary Code Execution
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmwa
60RIESGO
abrir ↗Metasploit300
Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9
50RIESGO
abrir ↗Metasploit300
Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9
50RIESGO
abrir ↗Metasploit400
AF_PACKET packet_set_ring Privilege Escalation
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate cer
43RIESGO
abrir ↗Metasploit0
Microsoft IIS WebDav ScStoragePathFromUrl Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in
100RIESGO
abrir ↗Metasploit600
Samba is_known_pipename() Arbitrary Module Load
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allo
100RIESGO
abrir ↗Metasploit300
Razer Synapse rzpnk.sys ZwOpenProcess
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpe
60RIESGO
abrir ↗Metasploit600
SolarWinds LEM Default SSH Password Remote Code Execution
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is acce
23RIESGO
abrir ↗Metasploit300
Cisco IOS Telnet Denial of Service
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software co
100RIESGO
abrir ↗Metasploit500
Dup Scout Enterprise GET Buffer Overflow
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9
40RIESGO
abrir ↗Metasploit500
Sync Breeze Enterprise GET Buffer Overflow
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username
23RIESGO
abrir ↗Metasploit600
Github Enterprise Default Session Secret And Deserialization Vulnerability
The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated r
23RIESGO
abrir ↗Metasploit500
Disk Sorter Enterprise GET Buffer Overflow
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrar
23RIESGO
abrir ↗Metasploit500
VX Search Enterprise GET Buffer Overflow
Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary c
23RIESGO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.