Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
3462 exploits
Metasploit500
HP Intelligent Management Center Arbitrary File Upload
CVE-2012-520107 mar 2013
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Netw
50RIESGO
abrir
Metasploit300
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
CVE-2013-2551HIGHbajo ataqueransomware06 mar 2013
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary co
100RIESGO
abrir
Metasploit600
D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
CVE-2014-100005HIGHbajo ataque05 mar 2013
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b
78RIESGO
abrir
Metasploit300
Java CMM Remote Code Execution
CVE-2013-149301 mar 2013
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and
60RIESGO
abrir
Metasploit300
Mac OS X Sudo Password Bypass
CVE-2013-177528 feb 2013
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypas
38RIESGO
abrir
Metasploit100
Sami FTP Server LIST Command Buffer Overflow
CVE-2008-510627 feb 2013
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) a
23RIESGO
abrir
Metasploit600
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
CVE-2013-10066CRITICAL22 feb 2013
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
63RIESGO
abrir
Metasploit600
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
CVE-2013-010822 feb 2013
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R
43RIESGO
abrir
Metasploit600
Nagios Remote Plugin Executor Arbitrary Command Execution
CVE-2013-136221 feb 2013
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote att
50RIESGO
abrir
Metasploit0
Netgear DGN2200B pppoe.cgi Remote Command Execution
CVE-2013-10060CRITICAL15 feb 2013
Netgear Routers pppoe.cgi RCE
63RIESGO
abrir
Metasploit200
MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
CVE-2013-002513 feb 2013
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a cr
50RIESGO
abrir
Metasploit600
OpenEMR PHP File Upload Vulnerability
CVE-2009-414013 feb 2013
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer
60RIESGO
abrir
Metasploit600
Linksys WRT160nv2 apply.cgi Remote Command Injection
CVE-2013-10058HIGH11 feb 2013
Linksys Routers apply.cgi Remote Command Injection
36RIESGO
abrir
Metasploit300
D-Link hedwig.cgi Buffer Overflow in Cookie Header
CVE-2013-738908 feb 2013
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RIESGO
abrir
Metasploit300
D-Link authentication.cgi Buffer Overflow
CVE-2013-738908 feb 2013
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RIESGO
abrir
Metasploit300
Adobe Flash Player Regular Expression Heap Overflow
CVE-2013-063408 feb 2013
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x
60RIESGO
abrir
Metasploit600
D-Link DIR615h OS Command Injection
CVE-2013-10059HIGH07 feb 2013
D-Link Routers tools_vct.htm OS Command Injection
41RIESGO
abrir
Metasploit600
Netgear DGN1000B setup.cgi Remote Command Execution
CVE-2013-10061HIGH06 feb 2013
Netgear Routers setup.cgi RCE
36RIESGO
abrir
Metasploit300
OpenSSL TLS 1.1 and 1.2 AES-NI DoS
CVE-2012-268605 feb 2013
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 bef
30RIESGO
abrir
Metasploit600
Linksys E1500/E2500 apply.cgi Remote Command Injection
CVE-2018-3953HIGH05 feb 2013
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RIESGO
abrir
Metasploit300
ActFax 5.01 RAW Server Buffer Overflow
CVE-2013-10064CRITICAL05 feb 2013
ActFax 5.01 RAW Server Buffer Overflow
63RIESGO
abrir
Metasploit300
Linksys E1500/E2500 Remote Command Execution
CVE-2018-3953HIGH05 feb 2013
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RIESGO
abrir
Metasploit600
Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
CVE-2013-10067CRITICAL05 feb 2013
Glossword 1.8.8 - 1.8.12 Arbitrary File Upload RCE
43RIESGO
abrir
Metasploit600
D-Link Devices Unauthenticated Remote Command Execution
CVE-2013-10048CRITICAL04 feb 2013
D-Link Devices command.php Unauthenticated RCE
68RIESGO
abrir
Metasploit0
Raidsonic NAS Devices Unauthenticated Remote Command Execution
CVE-2013-10049CRITICAL04 feb 2013
Raidsonic NAS Devices Unauthenticated Remote Command Execution
63RIESGO
abrir
Metasploit300
D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution
CVE-2013-10069CRITICAL04 feb 2013
D-Link Devices Unauthenticated RCE
68RIESGO
abrir
Metasploit600
SCADA 3S CoDeSys Gateway Server Directory Traversal
CVE-2012-470502 feb 2013
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitr
50RIESGO
abrir
Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
CVE-2020-1589301 feb 2013
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled b
23RIESGO
abrir
Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
CVE-2019-2021501 feb 2013
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RIESGO
abrir
Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
CVE-2023-3362501 feb 2013
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability vi
30RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.