Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.791 exploits
Referência
CVE-2011-2921
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified com
60RISCO
abrir ↗Referência
CVE-2019-1619
Cisco Data Center Network Manager Authentication Bypass Vulnerability
85RISCO
abrir ↗Referência
CVE-2019-1619
Cisco Data Center Network Manager Authentication Bypass Vulnerability
85RISCO
abrir ↗Referência
CVE-2012-5958
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
60RISCO
abrir ↗Referência
CVE-2014-4511
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in
60RISCO
abrir ↗Referência
CVE-2014-4511
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in
60RISCO
abrir ↗Referência
CVE-2014-4511
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in
60RISCO
abrir ↗Referência
CVE-2014-4511
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in
60RISCO
abrir ↗Referência
CVE-2023-43208
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that
100RISCO
abrir ↗Referência
Winamp 5.12 - '.pls' Remote Buffer Overflow (Perl) (2)
Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with
60RISCO
abrir ↗Referência
CVE-2015-5374
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01;
60RISCO
abrir ↗Referência
CVE-2016-0792
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to ex
60RISCO
abrir ↗Referência
CVE-2016-0792
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to ex
60RISCO
abrir ↗Referência
CVE-2023-4634
Media Library Assistant <= 3.09 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution
85RISCO
abrir ↗Referência
CVE-2009-2765
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers
60RISCO
abrir ↗Referência
CVE-2016-7200
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a de
93RISCO
abrir ↗Referência
CVE-2016-7200
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a de
93RISCO
abrir ↗Referência
CVE-2016-7200
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a de
93RISCO
abrir ↗Referência
CVE-2018-0886
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 S
45RISCO
abrir ↗Referência
CVE-2022-28368
Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (
60RISCO
abrir ↗Referência
CVE-2020-15505
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1,
100RISCO
abrir ↗Referência
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUp
100RISCO
abrir ↗Referência
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUp
100RISCO
abrir ↗Referência
CVE-2011-0276
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.secu
60RISCO
abrir ↗Referência
Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2)
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and dis
60RISCO
abrir ↗Referência
Microsoft Internet Explorer - MDAC Remote Code Execution (MS06-014)
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and dis
60RISCO
abrir ↗Referência
CVE-2021-28164
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contai
70RISCO
abrir ↗Referência
CVE-2010-1297
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrob
100RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.