Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.002exploits catalogados
31.582CVEs com exploração pública
19.780 exploits
Referência
CVE-2026-56111
Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler
41RISCO
abrir
Referência
CVE-2026-9710
Themeco Cornerstone < 7.8.8 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Password Hash Disclosure
41RISCO
abrir
Referência
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
60RISCO
abrir
Referência
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
60RISCO
abrir
Referência
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
60RISCO
abrir
Referência
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
60RISCO
abrir
Referência
CVE-2016-10045
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail comman
60RISCO
abrir
Referência
CVE-2020-14883
CVE-2020-14883HIGHsob ataque
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RISCO
abrir
Referência
CVE-2014-0112
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which all
60RISCO
abrir
Referência
CVE-2020-17519
CVE-2020-17519CRITICALsob ataque
Apache Flink directory traversal attack: reading remote files through the REST API
100RISCO
abrir
Referência
CVE-2010-1653
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! a
43RISCO
abrir
Referência
CVE-2023-6553
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
85RISCO
abrir
Referência
CVE-2020-11738
CVE-2020-11738HIGHsob ataque
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traver
100RISCO
abrir
Referência
CVE-2020-11738
CVE-2020-11738HIGHsob ataque
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traver
100RISCO
abrir
Referência
CVE-2023-38831
CVE-2023-38831HIGHsob ataqueransomware
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a
100RISCO
abrir
Referência
CVE-2022-21661
SQL injection in WordPress
78RISCO
abrir
Referência
CVE-2026-7740
justdan96 tsMuxer vvc.cpp setFPS denial of service
33RISCO
abrir
Referência
CVE-2026-7739
justdan96 tsMuxer hevc.cpp setFPS denial of service
33RISCO
abrir
Referência
CVE-2026-7738
puchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversal
33RISCO
abrir
Referência
CVE-2018-15745
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F
60RISCO
abrir
Referência
CVE-2018-15745
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F
60RISCO
abrir
Referência
CVE-2019-16662
An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to a
60RISCO
abrir
Referência
CVE-2019-16662
An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to a
60RISCO
abrir
Referência
CVE-2025-32433
CVE-2025-32433CRITICALsob ataque
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
100RISCO
abrir
Referência
CVE-2016-7621
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchO
23RISCO
abrir
Referência
CVE-2019-19781
CVE-2019-19781CRITICALsob ataqueransomware
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. Th
100RISCO
abrir
Referência
CVE-2026-7732
code-projects BloodBank Managing System request_blood.php unrestricted upload
33RISCO
abrir
Referência
CVE-2022-43769
CVE-2022-43769HIGHsob ataque
Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
100RISCO
abrir
Referência
CVE-2015-7450
CVE-2015-7450CRITICALsob ataque
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and
100RISCO
abrir
Referência
CVE-2023-0315
Command Injection in froxlor/froxlor
78RISCO
abrir

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.