Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.810 exploits
Referência
CVE-2021-39316
ZoomSounds <= 6.45 Unauthenticated Directory Traversal and Sensitive Information Dislosure
68RISCO
abrir ↗Referência
Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)
Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allo
50RISCO
abrir ↗Referência
CVE-2008-4844
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet
50RISCO
abrir ↗Referência
CVE-2008-4844
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet
50RISCO
abrir ↗Referência
Microsoft Internet Explorer (Windows Vista) - XML Parsing Buffer Overflow
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet
50RISCO
abrir ↗Referência
Microsoft Internet Explorer - XML Parsing Remote Buffer Overflow
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet
50RISCO
abrir ↗Referência
CVE-2018-0934
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution,
35RISCO
abrir ↗Referência
CVE-2016-7240
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a de
35RISCO
abrir ↗Referência
CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga
50RISCO
abrir ↗Referência
CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga
50RISCO
abrir ↗Referência
CVE-2021-32172
Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the
50RISCO
abrir ↗Referência
BadBlue 2.72 - PassThru Remote Buffer Overflow
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attacker
50RISCO
abrir ↗Referência
CVE-2013-2347
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary
50RISCO
abrir ↗Referência
CVE-2011-5010
apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via sh
50RISCO
abrir ↗Referência
Euphonics Audio Player 1.0 - '.pls' Local Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedi
50RISCO
abrir ↗Referência
Euphonics Audio Player 1.0 - '.pls' Universal Local Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedi
50RISCO
abrir ↗Referência
CVE-2017-14496
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-su
35RISCO
abrir ↗Referência
VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long st
50RISCO
abrir ↗Referência
VUPlayer 2.44 - '.m3u' UNC Name Buffer Overflow (Metasploit)
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long st
50RISCO
abrir ↗Referência
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
50RISCO
abrir ↗Referência
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
50RISCO
abrir ↗Referência
CVE-2015-2295
Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before
35RISCO
abrir ↗Referência
CVE-2015-2295
Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before
35RISCO
abrir ↗Referência
CVE-2013-6194
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a
50RISCO
abrir ↗Referência
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_includ
35RISCO
abrir ↗Referência
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_includ
35RISCO
abrir ↗Referência
CVE-2023-30806
Sangfor Next-Gen Application Firewall PHPSESSID Command Injection
60RISCO
abrir ↗Referência
CVE-2023-30805
Sangfor Next-Gen Application Firewall Login Un Param Command Injection
60RISCO
abrir ↗Referência
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote att
50RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.