Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8.069Nuclei 4.188Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit300
Path Traversal in Oracle GlassFish Server Open Source Edition
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Trave
60RISCO
abrir ↗Metasploit300
PCMAN FTP Server Buffer Overflow - PUT Command
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RISCO
abrir ↗Metasploit600
Hak5 WiFi Pineapple Preconfiguration Command Injection
Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
50RISCO
abrir ↗Metasploit600
Hak5 WiFi Pineapple Preconfiguration Command Injection
Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
50RISCO
abrir ↗Metasploit600
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticat
50RISCO
abrir ↗Metasploit600
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers t
50RISCO
abrir ↗Metasploit600
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticat
43RISCO
abrir ↗Metasploit300
Heroes of Might and Magic III .h3m Map file Buffer Overflow
Heroes of Might and Magic III .h3m Map File Buffer Overflow
36RISCO
abrir ↗Metasploit300
BIND TKEY Query Denial of Service
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (
60RISCO
abrir ↗Metasploit300
Moxa Device Credential Retrieval
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 52
48RISCO
abrir ↗Metasploit500
Libuser roothelper Privilege Escalation
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in t
38RISCO
abrir ↗Metasploit500
Libuser roothelper Privilege Escalation
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly mod
38RISCO
abrir ↗Metasploit500
Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation
dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to g
18RISCO
abrir ↗Metasploit0
MS15-078 Microsoft Windows Font Driver Buffer Overflow
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2
100RISCO
abrir ↗Metasploit0
ManageEngine EventLog Analyzer Remote Code Execution
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions
60RISCO
abrir ↗Metasploit0
MS15-078 Microsoft Windows Font Driver Buffer Overflow
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Wi
43RISCO
abrir ↗Metasploit300
Accellion FTA 'statecode' Cookie Arbitrary File Read
Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices
30RISCO
abrir ↗Metasploit600
X11 Keyboard Command Injection
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
23RISCO
abrir ↗Metasploit600
Accellion FTA getStatus verify_oauth_token Command Execution
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metach
60RISCO
abrir ↗Metasploit500
Western Digital Arkeia Remote Code Execution
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to b
60RISCO
abrir ↗Metasploit300
OpenSSL Alternative Chains Certificate Forgery MITM Proxy
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly
50RISCO
abrir ↗Metasploit500
Adobe Flash opaqueBackground Use After Free
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player
100RISCO
abrir ↗Metasploit500
Adobe Flash Player ByteArray Use After Free
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.
100RISCO
abrir ↗Metasploit500
Apple OS X Entitlements Rootpipe Privilege Escalation
Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allow
38RISCO
abrir ↗Metasploit600
Watchguard XCS Remote Command Execution
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell
50RISCO
abrir ↗Metasploit600
Endian Firewall Proxy Password Change Command Injection
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW
50RISCO
abrir ↗Metasploit400
Pallete Projects Werkzeug Debugger Remote Code Execution
Werkzeug's improper usage of a pathname and improper CSRF protection results in the remote command execution
36RISCO
abrir ↗Metasploit500
Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows an
100RISCO
abrir ↗Metasploit500
Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457
100RISCO
abrir ↗Metasploit400
Overlayfs Privilege Escalation
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does no
50RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.