Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
19.810 exploits
Referência
CVE-2017-14147
An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to ea
35RISCO
abrir
Referência
CVE-2017-14147
An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to ea
35RISCO
abrir
Referência
CVE-2010-4279
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which al
50RISCO
abrir
Referência
CVE-2010-4279
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which al
50RISCO
abrir
Referência
CVE-2010-4279
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which al
50RISCO
abrir
Referência
CVE-2011-3175
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allo
50RISCO
abrir
Referência
CVE-2018-0860
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remot
35RISCO
abrir
Referência
CVE-2018-0837
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remot
35RISCO
abrir
Referência
CVE-2018-0835
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remot
35RISCO
abrir
Referência
CVE-2018-0838
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remot
35RISCO
abrir
Referência
CVE-2018-6328
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, w
50RISCO
abrir
Referência
CVE-2018-6328
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, w
50RISCO
abrir
Referência
CVE-2009-4988
Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote atta
50RISCO
abrir
Referência
CVE-2018-0767
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain info
35RISCO
abrir
Referência
CVE-2017-11911
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code i
35RISCO
abrir
Referência
CVE-2017-11909
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code i
35RISCO
abrir
Referência
CVE-2017-11811
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker
35RISCO
abrir
Referência
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before
50RISCO
abrir
Referência
CVE-2012-3399
Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the
50RISCO
abrir
Referência
CVE-2011-3322
Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions before 1.14, allows
50RISCO
abrir
Referência
CVE-2024-3272
CVE-2024-3272CRITICALsob ataque
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials
100RISCO
abrir
Referência
TFTP Server for Windows 1.4 - ST Remote BSS Overflow
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execut
50RISCO
abrir
Referência
CVE-2018-7297
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers
35RISCO
abrir
Referência
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch funct
35RISCO
abrir
Referência
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch funct
35RISCO
abrir
Referência
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, beca
50RISCO
abrir
Referência
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, beca
50RISCO
abrir
Referência
CVE-2019-0211
CVE-2019-0211HIGHsob ataque
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RISCO
abrir
Referência
CVE-2019-0211
CVE-2019-0211HIGHsob ataque
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RISCO
abrir
Referência
CVE-2019-0211
CVE-2019-0211HIGHsob ataque
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RISCO
abrir
anteriorpágina 47 / 661próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.