Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
3462 exploits
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
CVE-2013-171006 ago 2013
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RIESGO
abrir
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
CVE-2012-399306 ago 2013
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
50RIESGO
abrir
Metasploit600
Squash YAML Code Execution
CVE-2013-503606 ago 2013
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter t
50RIESGO
abrir
Metasploit600
Agnitum Outpost Internet Security Local Privilege Escalation
CVE-2013-10046HIGH02 ago 2013
Agnitum Outpost Internet Security Local Privilege Escalation
36RIESGO
abrir
Metasploit600
Joomla Media Manager File Upload Vulnerability
CVE-2013-557601 ago 2013
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before
50RIESGO
abrir
Metasploit0
HP SiteScope Remote Code Execution
CVE-2013-236729 jul 2013
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu
50RIESGO
abrir
Metasploit300
HP LoadRunner magentproc.exe Overflow
CVE-2013-480027 jul 2013
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RIESGO
abrir
Metasploit600
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
CVE-2013-682926 jul 2013
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacha
60RIESGO
abrir
Metasploit300
Chasys Draw IES Buffer Overflow
CVE-2013-392826 jul 2013
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote atta
50RIESGO
abrir
Metasploit300
Cogent DataHub HTTP Server Buffer Overflow
CVE-2013-068026 jul 2013
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befor
23RIESGO
abrir
Metasploit300
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
CVE-2013-237024 jul 2013
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RIESGO
abrir
Metasploit300
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
CVE-2013-479824 jul 2013
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RIESGO
abrir
Metasploit600
Oracle Endeca Server Remote Command Execution
CVE-2013-376316 jul 2013
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows rem
50RIESGO
abrir
Metasploit0
NETGEAR ReadyNAS Perl Code Evaluation
CVE-2013-275112 jul 2013
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RIESGO
abrir
Metasploit600
Linksys Devices pingstr Remote Command Injection
CVE-2013-356812 jul 2013
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentica
43RIESGO
abrir
Metasploit300
Ultra Mini HTTPD Stack Buffer Overflow
CVE-2013-501910 jul 2013
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RIESGO
abrir
Metasploit300
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
CVE-2013-3163HIGHbajo ataque09 jul 2013
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
100RIESGO
abrir
Metasploit300
Corel PDF Fusion Stack Buffer Overflow
CVE-2013-324808 jul 2013
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wi
43RIESGO
abrir
Metasploit300
D-Link Devices UPnP SOAP Command Execution
CVE-2014-8361CRITICALbajo ataque05 jul 2013
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien
100RIESGO
abrir
Metasploit600
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
CVE-2013-2251CRITICALbajo ataque02 jul 2013
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a
100RIESGO
abrir
Metasploit300
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
CVE-2013-234328 jun 2013
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attacke
50RIESGO
abrir
Metasploit600
Nodejs js-yaml load() Code Execution
CVE-2013-466028 jun 2013
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
43RIESGO
abrir
Metasploit300
PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
CVE-2013-473027 jun 2013
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RIESGO
abrir
Metasploit600
Horde Framework Unserialize PHP Code Execution
CVE-2014-169127 jun 2013
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to c
50RIESGO
abrir
Metasploit300
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
CVE-2013-318427 jun 2013
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
50RIESGO
abrir
Metasploit600
InstantCMS 1.6 Remote PHP Code Execution
CVE-2013-10051CRITICAL26 jun 2013
InstantCMS <= 1.6 Remote PHP Code Execution
63RIESGO
abrir
Metasploit300
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
CVE-2013-1690HIGHbajo ataque25 jun 2013
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before
98RIESGO
abrir
Metasploit300
MediaCoder .M3U Buffer Overflow
CVE-2017-886924 jun 2013
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RIESGO
abrir
Metasploit300
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
CVE-2013-478620 jun 2013
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote
60RIESGO
abrir
Metasploit300
IPMI 2.0 Cipher Zero Authentication Bypass Scanner
CVE-2013-478220 jun 2013
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands b
23RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.