Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2017-5521
CVE-2017-5521HIGHsob ataque
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R
100RISCO
abrir
Referência
CVE-2013-1359
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5
60RISCO
abrir
Referência
CVE-2013-1359
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5
60RISCO
abrir
Referência
CVE-2013-1359
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5
60RISCO
abrir
Referência
CVE-2022-0847
CVE-2022-0847HIGHsob ataque
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISCO
abrir
Referência
CVE-2022-0847
CVE-2022-0847HIGHsob ataque
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISCO
abrir
Referência
CVE-2022-0847
CVE-2022-0847HIGHsob ataque
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISCO
abrir
Referência
CVE-2022-0847
CVE-2022-0847HIGHsob ataque
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in cop
100RISCO
abrir
Referência
CVE-2014-4977
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
60RISCO
abrir
Referência
CVE-2014-4977
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
60RISCO
abrir
Referência
CVE-2014-4977
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute
60RISCO
abrir
Referência
CVE-2020-25213
CVE-2020-25213CRITICALsob ataque
The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitra
100RISCO
abrir
Referência
CVE-2021-34523
CVE-2021-34523CRITICALsob ataqueransomware
Microsoft Exchange Server Elevation of Privilege Vulnerability
100RISCO
abrir
Referência
CVE-2016-2107
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a
45RISCO
abrir
Referência
CVE-2016-2107
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a
45RISCO
abrir
Referência
CVE-2011-1865
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow
60RISCO
abrir
Referência
CVE-2011-1865
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow
60RISCO
abrir
Referência
CVE-2011-1865
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow
60RISCO
abrir
Referência
CVE-2011-1865
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow
60RISCO
abrir
Referência
CVE-2021-43798
CVE-2021-43798HIGHsob ataque
Grafana path traversal
100RISCO
abrir
Referência
CVE-2021-43798
CVE-2021-43798HIGHsob ataque
Grafana path traversal
100RISCO
abrir
Referência
CVE-2019-2729
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supporte
85RISCO
abrir
Referência
CVE-2011-3923
Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class an
60RISCO
abrir
Referência
CVE-2010-3209
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code
23RISCO
abrir
Referência
CVE-2018-1000115
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vuln
60RISCO
abrir
Referência
CVE-2018-1000115
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vuln
60RISCO
abrir
Referência
CVE-2014-3120
CVE-2014-3120HIGHsob ataque
The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execut
100RISCO
abrir
Referência
CVE-2020-8794
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for mult
60RISCO
abrir
Referência
CVE-2024-13161
CVE-2024-13161CRITICALsob ataque
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Up
100RISCO
abrir
Referência
CVE-2020-8193
CVE-2020-8193MEDIUMsob ataque
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14
100RISCO
abrir
anteriorpágina 16 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.