Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit300
Cisco IKE Information Disclosure
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x
100RISCO
abrir ↗Metasploit300
BIND TSIG Query Denial of Service
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly
60RISCO
abrir ↗Metasploit600
MagniComp SysInfo mcsiwrapper Privilege Escalation
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow
38RISCO
abrir ↗Metasploit600
BuilderEngine Arbitrary File Upload Vulnerability and execution
BuilderEngine 3.5.0 RCE via Unauthenticated Arbitrary File Upload
63RISCO
abrir ↗Metasploit500
Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution
Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.
23RISCO
abrir ↗Metasploit0
WebKit not_number defineProperties UAF
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory
98RISCO
abrir ↗Metasploit400
Safari Webkit JIT Exploit for iOS 7.1.2
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud b
30RISCO
abrir ↗Metasploit0
WebKit not_number defineProperties UAF
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denia
91RISCO
abrir ↗Metasploit0
WebKit not_number defineProperties UAF
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
90RISCO
abrir ↗Metasploit400
Safari Webkit JIT Exploit for iOS 7.1.2
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS b
38RISCO
abrir ↗Metasploit400
AF_PACKET chocobo_root Privilege Escalation
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cau
43RISCO
abrir ↗Metasploit300
ColoradoFTP Server 1.3 Build 8 Directory Traversal Information Disclosure
ColoradoFTP Server <= 1.3 Build 8 Path Traversal Information Disclosure
63RISCO
abrir ↗Metasploit300
Zabbix toggle_ids SQL Injection
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQ
40RISCO
abrir ↗Metasploit300
Internet Explorer Iframe Sandbox File Name Disclosure Vulnerability
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the f
30RISCO
abrir ↗Metasploit600
Trend Micro Smart Protection Server Exec Remote Code Injection
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330
30RISCO
abrir ↗Metasploit300
DLL Side Loading Vulnerability in VMware Host Guest Client Redirector
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 t
43RISCO
abrir ↗Metasploit300
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillanc
50RISCO
abrir ↗Metasploit600
NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 th
60RISCO
abrir ↗Metasploit600
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR Rea
60RISCO
abrir ↗Metasploit600
SonicWall Global Management System XMLRPC set_time_zone Unauth RCE
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before
23RISCO
abrir ↗Metasploit0
Oracle Weblogic Server Deserialization RCE - MarshalledObject
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12
40RISCO
abrir ↗Metasploit600
Tiki Wiki Unauthenticated File Upload Vulnerability
Tiki Wiki <= 15.1 ELFinder Unauthenticated File Upload RCE
63RISCO
abrir ↗Metasploit500
NetBSD mail.local Privilege Escalation
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or
38RISCO
abrir ↗Metasploit300
WebNMS Framework Server Arbitrary Text File Download
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows rem
60RISCO
abrir ↗Metasploit300
WebNMS Framework Server Credential Disclosure
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependen
50RISCO
abrir ↗Metasploit600
WebNMS Framework Server Arbitrary File Upload
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remot
60RISCO
abrir ↗Metasploit300
WebNMS Framework Server Credential Disclosure
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows rem
60RISCO
abrir ↗Metasploit600
Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
Riverbed SteelCentral NetProfiler / NetExpress 10.8.7 RCE
63RISCO
abrir ↗Metasploit600
Panda Security PSEvents Privilege Escalation
Panda Security PSEvents.exe Insecure DLL Loading Privilege Escalation
36RISCO
abrir ↗Metasploit600
SugarCRM REST Unserialize PHP Code Execution
SugarCRM PHP Deserialization RCE
63RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.