Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit600
Geutebruck instantrec Remote Command Execution
UDP Technology/Geutebrück camera devices: Buffer overflow in action parameter leading to RCE
48RISCO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: command injection leading to RCE
58RISCO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Authentication Bypass
65RISCO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RISCO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RISCO
abrir ↗Metasploit600
Geutebruck Multiple Remote Command Execution
UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE
48RISCO
abrir ↗Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing
85RISCO
abrir ↗Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
Sage X3 AdxAdmin Exposure of Sensitive Information to an Unauthorized Actor
40RISCO
abrir ↗Metasploit500
Netfilter x_tables Heap OOB Write Privilege Escalation
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RISCO
abrir ↗Metasploit600
ForgeRock / OpenAM Jato Java Deserialization
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pa
100RISCO
abrir ↗Metasploit600
Moodle SpellChecker Path Authenticated Remote Command Execution
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted s
41RISCO
abrir ↗Metasploit600
Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution
SP Project & Document Manager <2 4.22 - Authenticated Shell Upload
30RISCO
abrir ↗Metasploit600
elFinder Archive Command Injection
Multiple vulnerabilities leading to RCE
75RISCO
abrir ↗Metasploit300
Wordpress Popular Posts Authenticated RCE
WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload
78RISCO
abrir ↗Metasploit300
Print Spooler Remote DLL Injection
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit300
Print Spooler Remote DLL Injection
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit600
Polkit D-Bus Authentication Bypass
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RISCO
abrir ↗Metasploit300
Squid Proxy Range Header DoS
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a
40RISCO
abrir ↗Metasploit300
Squid Proxy Range Header DoS
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to
23RISCO
abrir ↗Metasploit600
VMware vCenter Server Virtual SAN Health Check Plugin RCE
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual
100RISCO
abrir ↗Metasploit600
ExifTool DjVu ANT Perl injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RISCO
abrir ↗Metasploit600
IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It
50RISCO
abrir ↗Metasploit600
Microsoft SharePoint Unsafe Control and ViewState RCE
Microsoft SharePoint Remote Code Execution Vulnerability
48RISCO
abrir ↗Metasploit500
Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE
Linux kernel eBPF bitwise ops ALU32 bounds tracking
41RISCO
abrir ↗Metasploit300
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir ↗Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISCO
abrir ↗Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir ↗Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISCO
abrir ↗Metasploit600
Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.