Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8078Nuclei 4190Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit500
HP Intelligent Management Center Arbitrary File Upload
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Netw
50RIESGO
abrir ↗Metasploit300
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary co
100RIESGO
abrir ↗Metasploit600
D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b
78RIESGO
abrir ↗Metasploit300
Java CMM Remote Code Execution
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and
60RIESGO
abrir ↗Metasploit300
Mac OS X Sudo Password Bypass
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypas
38RIESGO
abrir ↗Metasploit100
Sami FTP Server LIST Command Buffer Overflow
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) a
23RIESGO
abrir ↗Metasploit600
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
63RIESGO
abrir ↗Metasploit600
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R
43RIESGO
abrir ↗Metasploit600
Nagios Remote Plugin Executor Arbitrary Command Execution
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote att
50RIESGO
abrir ↗Metasploit0
Netgear DGN2200B pppoe.cgi Remote Command Execution
Netgear Routers pppoe.cgi RCE
63RIESGO
abrir ↗Metasploit200
MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a cr
50RIESGO
abrir ↗Metasploit600
OpenEMR PHP File Upload Vulnerability
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer
60RIESGO
abrir ↗Metasploit600
Linksys WRT160nv2 apply.cgi Remote Command Injection
Linksys Routers apply.cgi Remote Command Injection
36RIESGO
abrir ↗Metasploit300
D-Link hedwig.cgi Buffer Overflow in Cookie Header
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RIESGO
abrir ↗Metasploit300
D-Link authentication.cgi Buffer Overflow
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RIESGO
abrir ↗Metasploit300
Adobe Flash Player Regular Expression Heap Overflow
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x
60RIESGO
abrir ↗Metasploit600
D-Link DIR615h OS Command Injection
D-Link Routers tools_vct.htm OS Command Injection
41RIESGO
abrir ↗Metasploit600
Netgear DGN1000B setup.cgi Remote Command Execution
Netgear Routers setup.cgi RCE
36RIESGO
abrir ↗Metasploit300
OpenSSL TLS 1.1 and 1.2 AES-NI DoS
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 bef
30RIESGO
abrir ↗Metasploit600
Linksys E1500/E2500 apply.cgi Remote Command Injection
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RIESGO
abrir ↗Metasploit300
ActFax 5.01 RAW Server Buffer Overflow
ActFax 5.01 RAW Server Buffer Overflow
63RIESGO
abrir ↗Metasploit300
Linksys E1500/E2500 Remote Command Execution
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RIESGO
abrir ↗Metasploit600
Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
Glossword 1.8.8 - 1.8.12 Arbitrary File Upload RCE
43RIESGO
abrir ↗Metasploit600
D-Link Devices Unauthenticated Remote Command Execution
D-Link Devices command.php Unauthenticated RCE
68RIESGO
abrir ↗Metasploit0
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Raidsonic NAS Devices Unauthenticated Remote Command Execution
63RIESGO
abrir ↗Metasploit300
D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution
D-Link Devices Unauthenticated RCE
68RIESGO
abrir ↗Metasploit600
SCADA 3S CoDeSys Gateway Server Directory Traversal
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitr
50RIESGO
abrir ↗Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled b
23RIESGO
abrir ↗Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RIESGO
abrir ↗Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability vi
30RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.