Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2021-25296
CVE-2021-25296HIGHsob ataque
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi
100RISCO
abrir
Referência
CVE-2021-39327
BulletProof Security <= 5.1 Sensitive Information Disclosure
70RISCO
abrir
Referência
Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure
BulletProof Security <= 5.1 Sensitive Information Disclosure
70RISCO
abrir
Referência
CVE-2016-1560
ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and
60RISCO
abrir
Referência
CVE-2017-6334
CVE-2017-6334HIGHsob ataque
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute ar
100RISCO
abrir
Referência
CVE-2017-6334
CVE-2017-6334HIGHsob ataque
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute ar
100RISCO
abrir
Referência
CVE-2017-6334
CVE-2017-6334HIGHsob ataque
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute ar
100RISCO
abrir
Referência
CVE-2017-8729
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current u
45RISCO
abrir
Referência
CVE-2019-16724
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Excepti
60RISCO
abrir
Referência
CVE-2019-16724
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Excepti
60RISCO
abrir
Referência
File Sharing Wizard 1.5.0 - POST SEH Overflow
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Excepti
60RISCO
abrir
Referência
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute
53RISCO
abrir
Referência
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute
53RISCO
abrir
Referência
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute
53RISCO
abrir
Referência
CVE-2015-2455
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2
35RISCO
abrir
Referência
CVE-2018-6008
Arbitrary File Download exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter
50RISCO
abrir
Referência
CVE-2018-6008
Arbitrary File Download exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter
50RISCO
abrir
Referência
CVE-2017-11741
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo help
23RISCO
abrir
Referência
CVE-2014-4880
Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote atta
60RISCO
abrir
Referência
CVE-2014-0307
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause
60RISCO
abrir
Referência
CVE-2025-34299
Monsta FTP <= 2.11 Unauthenticated Arbitrary File Upload
85RISCO
abrir
Referência
Ncaster 1.7.2 - 'archive.php' Remote File Inclusion
PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to
45RISCO
abrir
Referência
CVE-2014-0514
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows r
60RISCO
abrir
Referência
CVE-2014-0514
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows r
60RISCO
abrir
Referência
CVE-2014-0514
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows r
60RISCO
abrir
Referência
Squid < 3.1 5 - HTTP Version Number Parsing Denial of Service
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service v
45RISCO
abrir
Referência
CVE-2017-16709
Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote
60RISCO
abrir
Referência
CVE-2017-8540
CVE-2017-8540HIGHsob ataque
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
93RISCO
abrir
Referência
CVE-2013-3623
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Managemen
60RISCO
abrir
Referência
CVE-2010-2263
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or
60RISCO
abrir
anteriorpágina 36 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.