Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8078Nuclei 4190Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RIESGO
abrir ↗Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
50RIESGO
abrir ↗Metasploit600
Squash YAML Code Execution
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter t
50RIESGO
abrir ↗Metasploit600
Agnitum Outpost Internet Security Local Privilege Escalation
Agnitum Outpost Internet Security Local Privilege Escalation
36RIESGO
abrir ↗Metasploit600
Joomla Media Manager File Upload Vulnerability
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before
50RIESGO
abrir ↗Metasploit0
HP SiteScope Remote Code Execution
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu
50RIESGO
abrir ↗Metasploit300
HP LoadRunner magentproc.exe Overflow
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RIESGO
abrir ↗Metasploit600
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacha
60RIESGO
abrir ↗Metasploit300
Chasys Draw IES Buffer Overflow
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote atta
50RIESGO
abrir ↗Metasploit300
Cogent DataHub HTTP Server Buffer Overflow
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befor
23RIESGO
abrir ↗Metasploit300
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RIESGO
abrir ↗Metasploit300
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RIESGO
abrir ↗Metasploit600
Oracle Endeca Server Remote Command Execution
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows rem
50RIESGO
abrir ↗Metasploit0
NETGEAR ReadyNAS Perl Code Evaluation
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RIESGO
abrir ↗Metasploit600
Linksys Devices pingstr Remote Command Injection
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentica
43RIESGO
abrir ↗Metasploit300
Ultra Mini HTTPD Stack Buffer Overflow
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RIESGO
abrir ↗Metasploit300
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
100RIESGO
abrir ↗Metasploit300
Corel PDF Fusion Stack Buffer Overflow
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wi
43RIESGO
abrir ↗Metasploit300
D-Link Devices UPnP SOAP Command Execution
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien
100RIESGO
abrir ↗Metasploit600
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a
100RIESGO
abrir ↗Metasploit300
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attacke
50RIESGO
abrir ↗Metasploit600
Nodejs js-yaml load() Code Execution
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
43RIESGO
abrir ↗Metasploit300
PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RIESGO
abrir ↗Metasploit600
Horde Framework Unserialize PHP Code Execution
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to c
50RIESGO
abrir ↗Metasploit300
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
50RIESGO
abrir ↗Metasploit600
InstantCMS 1.6 Remote PHP Code Execution
InstantCMS <= 1.6 Remote PHP Code Execution
63RIESGO
abrir ↗Metasploit300
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before
98RIESGO
abrir ↗Metasploit300
MediaCoder .M3U Buffer Overflow
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RIESGO
abrir ↗Metasploit300
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote
60RIESGO
abrir ↗Metasploit300
IPMI 2.0 Cipher Zero Authentication Bypass Scanner
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands b
23RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.