Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit600
Themebleed- Windows 11 Themes Arbitrary Code Execution CVE-2023-38146
Windows Themes Remote Code Execution Vulnerability
48RISCO
abrir ↗Metasploit400
Apache Superset Signed Cookie RCE
Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
45RISCO
abrir ↗Metasploit400
Apache Superset Signed Cookie RCE
Apache Superset: Metadata db write access can lead to remote code execution
53RISCO
abrir ↗Metasploit400
Apache Superset Signed Cookie RCE
Apache Superset: Session validation vulnerability when using provided default SECRET_KEY
100RISCO
abrir ↗Metasploit600
VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key g
75RISCO
abrir ↗Metasploit600
LG Simple Editor Remote Code Execution
LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability
65RISCO
abrir ↗Metasploit600
WinRAR CVE-2023-38831 Exploit
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a
100RISCO
abrir ↗Metasploit600
Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035)
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an
100RISCO
abrir ↗Metasploit300
ThinManager Path Traversal (CVE-2023-2917) Arbitrary File Upload
Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
55RISCO
abrir ↗Metasploit600
Junos OS PHPRC Environment Variable Manipulation RCE
Junos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable
100RISCO
abrir ↗Metasploit300
ThinManager Path Traversal (CVE-2023-2915) Arbitrary File Delete
Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
58RISCO
abrir ↗Metasploit600
Ivanti Avalanche MDM Buffer Overflow
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disrup
78RISCO
abrir ↗Metasploit600
PRTG CVE-2023-32781 Authenticated RCE
A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an au
23RISCO
abrir ↗Metasploit600
CrushFTP Unauthenticated RCE
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes
60RISCO
abrir ↗Metasploit600
LG Simple Editor Command Injection (CVE-2023-40504)
LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability
65RISCO
abrir ↗Metasploit600
Eramba (up to 3.19.1) Authenticated Remote Code Execution Module
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrar
30RISCO
abrir ↗Metasploit600
RaspAP Unauthenticated Command Injection
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary comma
60RISCO
abrir ↗Metasploit600
Maltrail Unauthenticated Command Injection
stamparm/maltrail <=0.54 Remote Command Execution
63RISCO
abrir ↗Metasploit600
Greenshot .NET Deserialization Fileformat Exploit
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .green
38RISCO
abrir ↗Metasploit300
GameOver(lay) Privilege Escalation and Container Escape
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks
56RISCO
abrir ↗Metasploit300
GameOver(lay) Privilege Escalation and Container Escape
On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlay
61RISCO
abrir ↗Metasploit600
Metabase Setup Token RCE
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary comman
60RISCO
abrir ↗Metasploit300
Citrix ADC (NetScaler) Forms SSO Target RCE
Unauthenticated remote code execution
100RISCO
abrir ↗Metasploit600
BoidCMS Command Injection
File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header t
50RISCO
abrir ↗Metasploit600
Sonicwall
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and
58RISCO
abrir ↗Metasploit600
Sonicwall
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the
18RISCO
abrir ↗Metasploit600
Sonicwall
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GM
58RISCO
abrir ↗Metasploit600
Sonicwall
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authenticatio
75RISCO
abrir ↗Metasploit600
Microsoft Error Reporting Local Privilege Elevation Vulnerability
Windows Error Reporting Service Elevation of Privilege Vulnerability
98RISCO
abrir ↗Metasploit600
OpenTSDB 2.4.1 unauthenticated command injection
Remote Code Execution in OpenTSDB
68RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.