Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8078Nuclei 4190Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit300
Canon Wireless Printer Denial Of Service
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause
23RIESGO
abrir ↗Metasploit300
Canon Printer Wireless Configuration Disclosure
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX9
18RIESGO
abrir ↗Metasploit500
Java Applet ProviderSkeleton Insecure Invoke Method
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and
60RIESGO
abrir ↗Metasploit500
FreeBSD 9 Address Space Manipulation Privilege Escalation
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEAS
38RIESGO
abrir ↗Metasploit600
Havalite CMS Arbitary File Upload Vulnerability
Havalite CMS Arbitary File Upload RCE
63RIESGO
abrir ↗Metasploit600
LibrettoCMS File Manager Arbitary File Upload Vulnerability
LibrettoCMS File Manager Arbitrary File Upload
63RIESGO
abrir ↗Metasploit600
HP System Management Homepage JustGetSNMPQueue Command Injection
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands vi
50RIESGO
abrir ↗Metasploit600
ZPanel zsudo Local Privilege Escalation Exploit
ZPanel zsudo Local Privilege Escalation
36RIESGO
abrir ↗Metasploit600
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution
36RIESGO
abrir ↗Metasploit600
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote
43RIESGO
abrir ↗Metasploit300
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users w
43RIESGO
abrir ↗Metasploit600
Netgear DGN1000 Setup.cgi Unauthenticated RCE
NETGEAR DGN setup.cgi OS Command Injection
68RIESGO
abrir ↗Metasploit300
HP Data Protector Cell Request Service Buffer Overflow
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb
60RIESGO
abrir ↗Metasploit300
Monkey HTTPD Header Parsing Denial of Service (DoS)
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) be
23RIESGO
abrir ↗Metasploit300
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
36RIESGO
abrir ↗Metasploit0
Intrasrv 1.0 Buffer Overflow
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET o
30RIESGO
abrir ↗Metasploit500
Apache Struts includeParams Remote Code Execution
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RIESGO
abrir ↗Metasploit500
Apache Struts includeParams Remote Code Execution
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RIESGO
abrir ↗Metasploit300
ERS Viewer 2013 ERS File Handling Buffer Overflow
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.
50RIESGO
abrir ↗Metasploit300
Java JMX Server Insecure Endpoint Code Execution Scanner
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RIESGO
abrir ↗Metasploit600
Java JMX Server Insecure Configuration Java Code Execution
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RIESGO
abrir ↗Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RIESGO
abrir ↗Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RIESGO
abrir ↗Metasploit300
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a de
50RIESGO
abrir ↗Metasploit200
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2
38RIESGO
abrir ↗Metasploit200
Kimai v0.9.2 'db_restore.php' SQL Injection
Kimai 0.9.2 db_restore.php SQL Injection
63RIESGO
abrir ↗Metasploit600
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers t
50RIESGO
abrir ↗Metasploit300
Mutiny 5 Arbitrary File Read and Delete
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RIESGO
abrir ↗Metasploit200
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo
98RIESGO
abrir ↗Metasploit600
Mutiny 5 Arbitrary File Upload
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.