Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit300
Hikvision DVR RTSP Request Remote Code Execution
Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote atta
60RISCO
abrir ↗Metasploit500
HP Performance Monitoring xglance Priv Esc
Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via u
38RISCO
abrir ↗Metasploit300
MS14-068 Microsoft Kerberos Checksum Validation Vulnerability
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008
100RISCO
abrir ↗Metasploit300
Cisco DLSw Information Disclosure Scanner
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensiti
23RISCO
abrir ↗Metasploit400
MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows
100RISCO
abrir ↗Metasploit600
MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2
100RISCO
abrir ↗Metasploit600
WordPress Photo Gallery Unrestricted File Upload
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
50RISCO
abrir ↗Metasploit400
Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on
60RISCO
abrir ↗Metasploit200
MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2)
43RISCO
abrir ↗Metasploit300
ManageEngine Password Manager SQLAdvancedALSearchResult.cc Pro SQL Injection
Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Servi
50RISCO
abrir ↗Metasploit500
MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arb
50RISCO
abrir ↗Metasploit500
MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability
The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a cr
50RISCO
abrir ↗Metasploit300
i-FTP Schedule Buffer Overflow
i-Ftp 2.20 Schedule.xml Stack-Based Buffer Overflow
36RISCO
abrir ↗Metasploit300
ManageEngine Eventlog Analyzer Managed Hosts Administrator Credential Disclosure
ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed versio
50RISCO
abrir ↗Metasploit300
ManageEngine Eventlog Analyzer Managed Hosts Administrator Credential Disclosure
Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 have a database Information Disclosure Vulnerabili
60RISCO
abrir ↗Metasploit600
Visual Mining NetCharts Server Remote Code Execution
Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to execute arbitrary co
60RISCO
abrir ↗Metasploit600
HP Data Protector 8.10 Remote Command Execution
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown
60RISCO
abrir ↗Metasploit600
tnftp "savefile" Arbitrary Command Execution
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 thro
50RISCO
abrir ↗Metasploit600
X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution
lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitrary PHP code via a c
50RISCO
abrir ↗Metasploit300
GNU Wget FTP Symlink Arbitrary Filesystem Access
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to w
30RISCO
abrir ↗Metasploit300
WildFly Directory Traversal
Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.
23RISCO
abrir ↗Metasploit600
Wordpress Creative Contact Form Upload Vulnerability
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery
60RISCO
abrir ↗Metasploit600
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2
100RISCO
abrir ↗Metasploit600
Drupal HTTP Parameter Key/Value SQL Injection
The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct
60RISCO
abrir ↗Metasploit600
Centreon SQL and Command Injection
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3
60RISCO
abrir ↗Metasploit600
Centreon SQL and Command Injection
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remot
60RISCO
abrir ↗Metasploit300
SSL/TLS Version Detection
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefo
40RISCO
abrir ↗Metasploit300
SSL/TLS Version Detection
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which mak
45RISCO
abrir ↗Metasploit500
Adobe Flash Player casi32 Integer Overflow
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and bef
60RISCO
abrir ↗Metasploit300
SSL/TLS Version Detection
Using a Custom Cipher with NID_undef may lead to NULL encryption
18RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.