Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.622exploits catalogados
32.030CVEs con explotación pública
1932probados en laboratorio
TodosExploit-DB 22.786Referência 19.896GitHub PoC 13.187VulnCheck XDB 8100Nuclei 4191Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit600
Openfiler v2.x NetworkCard Command Execution
Openfiler v2.x NetworkCard Command Execution
63RIESGO
abrir ↗Metasploit400
HP SiteScope Remote Code Execution
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbit
30RIESGO
abrir ↗Metasploit300
HP Intelligent Management Center UAM Buffer Overflow
Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (I
50RIESGO
abrir ↗Metasploit400
HP SiteScope Remote Code Execution
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbit
30RIESGO
abrir ↗Metasploit300
EMC Networker Format String
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.
50RIESGO
abrir ↗Metasploit300
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
ActFax 4.32 Client Importer Buffer Overflow
43RIESGO
abrir ↗Metasploit600
Symantec Messaging Gateway 9.5 Default SSH Password Vulnerability
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier fo
50RIESGO
abrir ↗Metasploit600
Java 7 Applet Remote Code Execution
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow
100RIESGO
abrir ↗Metasploit600
XODA 0.4.5 Arbitrary PHP File Upload Vulnerability
XODA 0.4.5 Arbitrary PHP File Upload
63RIESGO
abrir ↗Metasploit600
E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
63RIESGO
abrir ↗Metasploit600
TestLink v1.9.3 Arbitrary File Upload Vulnerability
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with cert
18RIESGO
abrir ↗Metasploit600
Viscosity setuid-set ViscosityHelper Privilege Escalation
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the se
50RIESGO
abrir ↗Metasploit600
Setuid Tunnelblick Privilege Escalation
Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname o
38RIESGO
abrir ↗Metasploit600
MobileCartly 1.0 Arbitrary File Creation Vulnerability
MobileCartly 1.0 savepage.php Arbitrary File Creation
63RIESGO
abrir ↗Metasploit300
Adobe Flash Player 11.3 Kern Table Parsing Integer Overflow
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on L
100RIESGO
abrir ↗Metasploit600
Cyclope Employee Surveillance Solution v6 SQL Injection
Cyclope Employee Surveillance Solution v6.x SQL Injection
43RIESGO
abrir ↗Metasploit400
Zenoss 3 showDaemonXMLConfig Command Execution
Zenoss 3.x showDaemonXMLConfig Command Execution
36RIESGO
abrir ↗Metasploit300
Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -
50RIESGO
abrir ↗Metasploit300
Sysax Multi Server 5.64 Create Folder Buffer Overflow
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users w
50RIESGO
abrir ↗Metasploit600
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default passwor
50RIESGO
abrir ↗Metasploit300
Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not requir
50RIESGO
abrir ↗Metasploit600
CuteFlow v2.11.2 Arbitrary File Upload Vulnerability
CuteFlow <= 2.11.2 Arbitrary File Upload RCE
63RIESGO
abrir ↗Metasploit600
Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary comman
50RIESGO
abrir ↗Metasploit600
Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2
50RIESGO
abrir ↗Metasploit300
Simple Web Server Connection Header Buffer Overflow
Simple Web Server Connection Header Buffer Overflow
63RIESGO
abrir ↗Metasploit300
Cisco Linksys PlayerPT ActiveX Control SetSource sURL Argument Buffer Overflow
Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.o
50RIESGO
abrir ↗Metasploit600
WebPageTest Arbitrary PHP File Upload
WebPageTest Arbitrary PHP File Upload RCE
63RIESGO
abrir ↗Metasploit300
WebPageTest Directory Traversal
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of
18RIESGO
abrir ↗Metasploit300
HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via u
50RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.