Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
SNMPv3 - HMAC Validation error Remote Authentication Bypass
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-S
35RISCO
abrir
Referência
CVE-2014-6039
ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed versio
50RISCO
abrir
Referência
Persism CMS 0.9.2 - system[path] Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Persism CMS 0.9.2 and earlier allow remote attackers to execute ar
35RISCO
abrir
Referência
CVE-2017-8670
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code
35RISCO
abrir
Referência
CVE-2012-5687
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13
50RISCO
abrir
Referência
CVE-2016-7286
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (m
35RISCO
abrir
Referência
CVE-2016-7286
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (m
35RISCO
abrir
Referência
CVE-2016-7287
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary c
35RISCO
abrir
Referência
CVE-2016-7287
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary c
35RISCO
abrir
Referência
PHP blue dragon CMS 3.0.0 - Remote File Inclusion
PHP remote file inclusion vulnerability in public_includes/pub_blocks/activecontent.php in Php Blue Dragon CMS 3.0.0 all
35RISCO
abrir
Referência
CVE-2018-10093
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
50RISCO
abrir
Referência
CVE-2018-10093
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
50RISCO
abrir
Referência
XOOPS Module icontent 1.0/4.5 - Remote File Inclusion
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS a
35RISCO
abrir
Referência
CVE-2015-7611
Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary syst
50RISCO
abrir
Referência
CVE-2015-7611
Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary syst
50RISCO
abrir
Referência
CVE-2009-2227
Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrar
50RISCO
abrir
Referência
CVE-2018-15473
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticati
70RISCO
abrir
Referência
CVE-2018-15473
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticati
70RISCO
abrir
Referência
CVE-2003-0727
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to
50RISCO
abrir
Referência
CVE-2016-0099
CVE-2016-0099HIGHsob ataqueransomware
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
98RISCO
abrir
Referência
CVE-2016-11021
CVE-2016-11021HIGHsob ataque
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in th
98RISCO
abrir
Referência
CVE-2017-11893
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execut
35RISCO
abrir
Referência
CVE-2015-3628
The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.
50RISCO
abrir
Referência
CVE-2015-3628
The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.
50RISCO
abrir
Referência
CVE-2014-8799
Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2
50RISCO
abrir
Referência
CVE-2015-7645
CVE-2015-7645HIGHsob ataqueransomware
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535
83RISCO
abrir
Referência
CVE-2015-7645
CVE-2015-7645HIGHsob ataqueransomware
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535
83RISCO
abrir
Referência
CVE-2014-1635
Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote a
50RISCO
abrir
Referência
Flip 2.01 final - 'previewtheme.php?inc_path' Remote File Inclusion
PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote
35RISCO
abrir
Referência
CVE-2018-8355
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft brow
35RISCO
abrir
anteriorpágina 42 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.