Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit600
SugarCRM REST Unserialize PHP Code Execution
SugarCRM PHP Deserialization RCE
63RISCO
abrir ↗Metasploit300
NetBIOS Response "BadTunnel" Brute Force Spoof (NAT Tunnel)
The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and
40RISCO
abrir ↗Metasploit300
NetBIOS Response "BadTunnel" Brute Force Spoof (NAT Tunnel)
The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and
40RISCO
abrir ↗Metasploit600
Apache Shiro v1.2.4 Cookie RememberME Deserial RCE
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attack
100RISCO
abrir ↗Metasploit600
Tiki-Wiki CMS Calendar Command Execution
Tiki Wiki CMS Authenticated Command Injection in Calendar Module
36RISCO
abrir ↗Metasploit400
Linux Kernel 4.6.3 Netfilter Privilege Escalation
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux
38RISCO
abrir ↗Metasploit400
Linux Kernel 4.6.3 Netfilter Privilege Escalation
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local
18RISCO
abrir ↗Metasploit600
ActiveMQ web shell upload
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitr
100RISCO
abrir ↗Metasploit600
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, a
60RISCO
abrir ↗Metasploit600
WordPress WP Mobile Detector 3.5 Shell Upload
WP Mobile Detector <= 3.5 - Arbitrary File Upload
48RISCO
abrir ↗Metasploit600
Magento 2.0.6 Unserialize Remote Code Execution
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary
60RISCO
abrir ↗Metasploit300
Internet Explorer 11 VBScript Engine Memory Corruption
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other
100RISCO
abrir ↗Metasploit600
WordPress Ninja Forms Unauthenticated File Upload
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via
50RISCO
abrir ↗Metasploit400
Linux BPF doubleput UAF Privilege Escalation
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly mai
43RISCO
abrir ↗Metasploit600
ImageMagick Delegate Arbitrary Command Execution
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.
100RISCO
abrir ↗Metasploit600
ImageMagick Delegate Arbitrary Command Execution
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams
23RISCO
abrir ↗Metasploit600
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privil
18RISCO
abrir ↗Metasploit600
Apache Struts Dynamic Method Invocation Remote Code Execution
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, a
60RISCO
abrir ↗Metasploit500
Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as
100RISCO
abrir ↗Metasploit300
HP Data Protector Encrypted Communication Remote Command Execution
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary cod
60RISCO
abrir ↗Metasploit600
pfSense authenticated graph status RCE
pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_
30RISCO
abrir ↗Metasploit600
op5 v7.1.9 Configuration Command Execution
OP5 Monitor <= 7.1.9 Authenticated Command Execution via command_test.php
36RISCO
abrir ↗Metasploit600
ExaGrid Known SSH Key and Default Password
ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and
60RISCO
abrir ↗Metasploit600
ExaGrid Known SSH Key and Default Password
ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, whic
60RISCO
abrir ↗Metasploit600
Apache CouchDB Arbitrary Command Execution
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB be
60RISCO
abrir ↗Metasploit600
Apache Continuum Arbitrary Command Execution
Apache Continuum: Command injection leading to RCE
43RISCO
abrir ↗Metasploit600
Apache CouchDB Arbitrary Command Execution
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include pa
60RISCO
abrir ↗Metasploit600
Novell ServiceDesk Authenticated File Upload
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remot
50RISCO
abrir ↗Metasploit300
MS16-032 Secondary Logon Handle Privilege Escalation
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
98RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.