Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit600
Geutebruck instantrec Remote Command Execution
CVE-2021-33549HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Buffer overflow in action parameter leading to RCE
48RISCO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33544HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: command injection leading to RCE
58RISCO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33543CRITICAL08 jul 2021
UDP Technology/Geutebrück camera devices: Authentication Bypass
65RISCO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33552HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RISCO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33550HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RISCO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33548HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE
48RISCO
abrir
Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
CVE-2020-7388CRITICAL07 jul 2021
Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing
85RISCO
abrir
Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
CVE-2020-7387MEDIUM07 jul 2021
Sage X3 AdxAdmin Exposure of Sensitive Information to an Unauthorized Actor
40RISCO
abrir
Metasploit500
Netfilter x_tables Heap OOB Write Privilege Escalation
CVE-2021-22555HIGHsob ataque07 jul 2021
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RISCO
abrir
Metasploit600
ForgeRock / OpenAM Jato Java Deserialization
CVE-2021-35464CRITICALsob ataqueransomware29 jun 2021
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pa
100RISCO
abrir
Metasploit600
Moodle SpellChecker Path Authenticated Remote Command Execution
CVE-2021-21809HIGH22 jun 2021
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted s
41RISCO
abrir
Metasploit600
Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution
CVE-2021-2434714 jun 2021
SP Project & Document Manager <2 4.22 - Authenticated Shell Upload
30RISCO
abrir
Metasploit600
elFinder Archive Command Injection
CVE-2021-32682CRITICAL13 jun 2021
Multiple vulnerabilities leading to RCE
75RISCO
abrir
Metasploit300
Wordpress Popular Posts Authenticated RCE
CVE-2021-42362HIGH11 jun 2021
WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload
78RISCO
abrir
Metasploit300
Print Spooler Remote DLL Injection
CVE-2021-34527HIGHsob ataqueransomware08 jun 2021
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir
Metasploit300
Print Spooler Remote DLL Injection
CVE-2021-1675HIGHsob ataqueransomware08 jun 2021
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir
Metasploit600
Polkit D-Bus Authentication Bypass
CVE-2021-3560HIGHsob ataque03 jun 2021
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RISCO
abrir
Metasploit300
Squid Proxy Range Header DoS
CVE-2021-3180627 mai 2021
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a
40RISCO
abrir
Metasploit300
Squid Proxy Range Header DoS
CVE-2021-3180727 mai 2021
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to
23RISCO
abrir
Metasploit600
VMware vCenter Server Virtual SAN Health Check Plugin RCE
CVE-2021-21985CRITICALsob ataqueransomware25 mai 2021
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual
100RISCO
abrir
Metasploit600
ExifTool DjVu ANT Perl injection
CVE-2021-22204MEDIUMsob ataque24 mai 2021
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RISCO
abrir
Metasploit600
IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE
CVE-2021-3339317 mai 2021
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It
50RISCO
abrir
Metasploit600
Microsoft SharePoint Unsafe Control and ViewState RCE
CVE-2021-31181HIGH11 mai 2021
Microsoft SharePoint Remote Code Execution Vulnerability
48RISCO
abrir
Metasploit500
Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE
CVE-2021-3490HIGH11 mai 2021
Linux kernel eBPF bitwise ops ALU32 bounds tracking
41RISCO
abrir
Metasploit300
Windows IIS HTTP Protocol Stack DOS
CVE-2021-31166CRITICALsob ataque11 mai 2021
HTTP Protocol Stack Remote Code Execution Vulnerability
100RISCO
abrir
Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
CVE-2021-41773HIGHsob ataqueransomware10 mai 2021
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir
Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
CVE-2021-42013CRITICALsob ataqueransomware10 mai 2021
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISCO
abrir
Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
CVE-2021-41773HIGHsob ataqueransomware10 mai 2021
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir
Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
CVE-2021-42013CRITICALsob ataqueransomware10 mai 2021
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISCO
abrir
Metasploit600
Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)
CVE-2021-1499MEDIUM05 mai 2021
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RISCO
abrir
anteriorpágina 21 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.