Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit500
SMB DOUBLEPULSAR Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit500
SMB DOUBLEPULSAR Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit600
Microsoft Office Word Malicious Hta Execution
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Window
100RISCO
abrir ↗Metasploit600
Juju-run Agent Privilege Escalation
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate pe
50RISCO
abrir ↗Metasploit600
Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution
A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in
40RISCO
abrir ↗Metasploit600
Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution
On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows
40RISCO
abrir ↗Metasploit300
Quest Privilege Manager pmmasterd Buffer Overflow
Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full
50RISCO
abrir ↗Metasploit300
Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability
A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity Meters: SenNet Optimal DataL
23RISCO
abrir ↗Metasploit400
MediaWiki SyntaxHighlight extension option injection vulnerability
Parameters injection in SyntaxHighlight results in multiple vulnerabilities
23RISCO
abrir ↗Metasploit300
TYPO3 News Module SQL Injection
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated
30RISCO
abrir ↗Metasploit300
HP Jetdirect Path Traversal Arbitrary Code Execution
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmwa
60RISCO
abrir ↗Metasploit300
Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9
50RISCO
abrir ↗Metasploit300
Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow
A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9
50RISCO
abrir ↗Metasploit400
AF_PACKET packet_set_ring Privilege Escalation
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate cer
43RISCO
abrir ↗Metasploit0
Microsoft IIS WebDav ScStoragePathFromUrl Overflow
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in
100RISCO
abrir ↗Metasploit600
Samba is_known_pipename() Arbitrary Module Load
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allo
100RISCO
abrir ↗Metasploit300
Razer Synapse rzpnk.sys ZwOpenProcess
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpe
60RISCO
abrir ↗Metasploit600
SolarWinds LEM Default SSH Password Remote Code Execution
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is acce
23RISCO
abrir ↗Metasploit300
Cisco IOS Telnet Denial of Service
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software co
100RISCO
abrir ↗Metasploit500
Dup Scout Enterprise GET Buffer Overflow
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9
40RISCO
abrir ↗Metasploit500
Sync Breeze Enterprise GET Buffer Overflow
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username
23RISCO
abrir ↗Metasploit600
Github Enterprise Default Session Secret And Deserialization Vulnerability
The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated r
23RISCO
abrir ↗Metasploit500
Disk Sorter Enterprise GET Buffer Overflow
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrar
23RISCO
abrir ↗Metasploit500
VX Search Enterprise GET Buffer Overflow
Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary c
23RISCO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.