Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit200
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit300
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir ↗Metasploit400
Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_u
50RISCO
abrir ↗Metasploit400
Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an un
30RISCO
abrir ↗Metasploit300
DnaLIMS Directory Traversal
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal att
50RISCO
abrir ↗Metasploit600
dnaLIMS Admin Module Command Execution
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution throug
50RISCO
abrir ↗Metasploit600
Apache Struts Jakarta Multipart Parser OGNL Injection
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RISCO
abrir ↗Metasploit300
Easy File Sharing FTP Server 3.6 Directory Traversal
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker t
23RISCO
abrir ↗Metasploit300
FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with t
50RISCO
abrir ↗Metasploit600
DC/OS Marathon UI Docker Exploit
DC/OS Marathon UI < 1.9.0 Unauthenticated RCE via Docker Mount Abuse
43RISCO
abrir ↗Metasploit300
SysGauge 1.5.18 SMTP Validation Buffer Overflow
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arb
23RISCO
abrir ↗Metasploit600
Logsign Remote Command Injection
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability
36RISCO
abrir ↗Metasploit600
Netgear DGN2200 dnslookup.cgi Command Injection
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute ar
100RISCO
abrir ↗Metasploit300
Kodi 17.0 Local File Inclusion Vulnerability
Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files v
40RISCO
abrir ↗Metasploit600
Piwik Superuser Plugin Upload
Piwik Authenticated RCE via Custom Plugin Upload
43RISCO
abrir ↗Metasploit300
Postfixadmin Protected Alias Deletion Vulnerability
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected al
23RISCO
abrir ↗Metasploit300
WordPress REST API Content Injection
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in Wor
40RISCO
abrir ↗Metasploit600
AlienVault OSSIM/USM Remote Code Execution
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbit
50RISCO
abrir ↗Metasploit600
Haraka SMTP Command Injection
Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlie
23RISCO
abrir ↗Metasploit600
Oracle Weblogic Server Deserialization RCE - RMI UnicastRef
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Suppo
60RISCO
abrir ↗Metasploit300
Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE
Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote at
43RISCO
abrir ↗Metasploit300
Advantech WebAccess 8.1 Post Authentication Credential Collector
upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive
23RISCO
abrir ↗Metasploit500
Cisco WebEx Chrome Extension RCE (CVE-2017-3823)
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Conta
23RISCO
abrir ↗Metasploit600
Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user
30RISCO
abrir ↗Metasploit400
Debian/Ubuntu ntfs-3g Local Privilege Escalation
ntfs-3g: Modprobe influence vulnerability via environment variables
56RISCO
abrir ↗Metasploit600
TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection
The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in t
23RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.