Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
22.469 exploits
Exploit-DB
Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure
CVE-2018-13379CRITICALbajo ataqueransomware19 ago 2019
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.
100RIESGO
abrir
Exploit-DB
Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)
CVE-2018-13379CRITICALbajo ataqueransomware19 ago 2019
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.
100RIESGO
abrir
Exploit-DB
Webmin 1.920 - Remote Code Execution
CVE-2019-15107CRITICALbajo ataqueransomware19 ago 2019
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnera
100RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream
CVE-2019-802415 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx
CVE-2019-1148MEDIUM15 ago 2019
Microsoft Graphics Component Information Disclosure Vulnerability
33RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1
CVE-2019-1153MEDIUM15 ago 2019
Microsoft Graphics Component Information Disclosure Vulnerability
33RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage
CVE-2019-1145HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList
CVE-2019-1144HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList
CVE-2019-1152HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream
CVE-2019-804815 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
35RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure
CVE-2019-1150HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure
CVE-2019-1150HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables
CVE-2019-1149HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream
CVE-2019-804915 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String
CVE-2019-866315 ago 2019
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker
23RIESGO
abrir
Exploit-DB
Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts
CVE-2019-801715 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators
CVE-2019-801615 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF
CVE-2019-805015 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
35RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream
CVE-2019-804515 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 Stream
CVE-2019-804415 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList
CVE-2019-1151HIGH15 ago 2019
Microsoft Graphics Remote Code Execution Vulnerability
46RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF Font
CVE-2019-804215 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream
CVE-2019-804315 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream
CVE-2019-804615 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dll
CVE-2019-804115 ago 2019
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 20
28RIESGO
abrir
Exploit-DB
TortoiseSVN 1.12.1 - Remote Code Execution
CVE-2019-1442214 ago 2019
An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel w
28RIESGO
abrir
Exploit-DB
D-Link DIR-600M - Authentication Bypass (Metasploit)
CVE-2019-1310114 ago 2019
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without
50RIESGO
abrir
Exploit-DB
VxWorks 6.8 - TCP Urgent Pointer = 0 Integer Underflow
CVE-2019-1225512 ago 2019
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TC
45RIESGO
abrir
Exploit-DB
UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting
CVE-2019-1480412 ago 2019
studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template
23RIESGO
abrir
Exploit-DB
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell
CVE-2019-1493112 ago 2019
An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3
35RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.