Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
CVE-2017-0147HIGHsob ataqueransomware14 mar 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
CVE-2017-0143HIGHsob ataqueransomware14 mar 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
CVE-2017-0148HIGHsob ataqueransomware14 mar 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
CVE-2017-0146HIGHsob ataqueransomware14 mar 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
CVE-2017-0143HIGHsob ataqueransomware14 mar 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
CVE-2017-0143HIGHsob ataqueransomware14 mar 2017
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Metasploit400
Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
CVE-2017-1652414 mar 2017
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_u
50RISCO
abrir
Metasploit400
Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
CVE-2015-827914 mar 2017
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an un
30RISCO
abrir
Metasploit300
DnaLIMS Directory Traversal
CVE-2017-652708 mar 2017
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal att
50RISCO
abrir
Metasploit600
dnaLIMS Admin Module Command Execution
CVE-2017-652608 mar 2017
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution throug
50RISCO
abrir
Metasploit600
Apache Struts Jakarta Multipart Parser OGNL Injection
CVE-2017-5638CRITICALsob ataqueransomware07 mar 2017
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISCO
abrir
Metasploit300
Easy File Sharing FTP Server 3.6 Directory Traversal
CVE-2017-651007 mar 2017
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker t
23RISCO
abrir
Metasploit300
FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow
CVE-2018-757304 mar 2017
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with t
50RISCO
abrir
Metasploit600
DC/OS Marathon UI Docker Exploit
CVE-2017-20198CRITICAL03 mar 2017
DC/OS Marathon UI < 1.9.0 Unauthenticated RCE via Docker Mount Abuse
43RISCO
abrir
Metasploit300
SysGauge 1.5.18 SMTP Validation Buffer Overflow
CVE-2017-641628 fev 2017
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arb
23RISCO
abrir
Metasploit600
Logsign Remote Command Injection
CVE-2024-5721HIGH26 fev 2017
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
36RISCO
abrir
Metasploit600
Netgear DGN2200 dnslookup.cgi Command Injection
CVE-2017-6334HIGHsob ataque25 fev 2017
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute ar
100RISCO
abrir
Metasploit300
Kodi 17.0 Local File Inclusion Vulnerability
CVE-2017-598212 fev 2017
Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files v
40RISCO
abrir
Metasploit600
Piwik Superuser Plugin Upload
CVE-2025-34104CRITICAL05 fev 2017
Piwik Authenticated RCE via Custom Plugin Upload
43RISCO
abrir
Metasploit300
Postfixadmin Protected Alias Deletion Vulnerability
CVE-2017-593003 fev 2017
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected al
23RISCO
abrir
Metasploit300
WordPress REST API Content Injection
CVE-2017-100100001 fev 2017
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in Wor
40RISCO
abrir
Metasploit600
AlienVault OSSIM/USM Remote Code Execution
CVE-2016-858231 jan 2017
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbit
50RISCO
abrir
Metasploit600
Haraka SMTP Command Injection
CVE-2016-100028226 jan 2017
Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlie
23RISCO
abrir
Metasploit600
Oracle Weblogic Server Deserialization RCE - RMI UnicastRef
CVE-2017-324825 jan 2017
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Suppo
60RISCO
abrir
Metasploit300
Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE
CVE-2017-1151724 jan 2017
Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote at
43RISCO
abrir
Metasploit300
Advantech WebAccess 8.1 Post Authentication Credential Collector
CVE-2016-581021 jan 2017
upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive
23RISCO
abrir
Metasploit500
Cisco WebEx Chrome Extension RCE (CVE-2017-3823)
CVE-2017-382321 jan 2017
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Conta
23RISCO
abrir
Metasploit600
Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
CVE-2017-639815 jan 2017
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user
30RISCO
abrir
Metasploit400
Debian/Ubuntu ntfs-3g Local Privilege Escalation
CVE-2017-0358HIGH05 jan 2017
ntfs-3g: Modprobe influence vulnerability via environment variables
56RISCO
abrir
Metasploit600
TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection
CVE-2017-1837026 dez 2016
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in t
23RISCO
abrir
anteriorpágina 43 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.