Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.841 exploits
Referência
CVE-2011-4722
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read a
50RISCO
abrir ↗Referência
CVE-2014-2850
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrator
50RISCO
abrir ↗Referência
CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated
100RISCO
abrir ↗Referência
CVE-2007-2222
Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as use
35RISCO
abrir ↗Referência
CVE-2017-0101
The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7
83RISCO
abrir ↗Referência
CVE-2014-5377
ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attackers to obtain user acc
50RISCO
abrir ↗Referência
CVE-2014-5377
ReadUsersFromMasterServlet in ManageEngine DeviceExpert before 5.9 build 5981 allows remote attackers to obtain user acc
50RISCO
abrir ↗Referência
CVE-2021-21551
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
98RISCO
abrir ↗Referência
CVE-2021-21551
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
98RISCO
abrir ↗Referência
CVE-2016-8582
A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbit
50RISCO
abrir ↗Referência
CVE-2014-8516
Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to execute arbitrary co
60RISCO
abrir ↗Referência
CVE-2017-0089
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers
35RISCO
abrir ↗Referência
CVE-2020-15922
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE)
35RISCO
abrir ↗Referência
CVE-2022-28080
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter.
50RISCO
abrir ↗Referência
CVE-2015-5453
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell
50RISCO
abrir ↗Referência
CVE-2015-5453
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell
50RISCO
abrir ↗Referência
CVE-2015-5453
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell
50RISCO
abrir ↗Referência
CVE-2015-2997
SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the account
50RISCO
abrir ↗Referência
Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to
50RISCO
abrir ↗Referência
CVE-2010-1470
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read ar
43RISCO
abrir ↗Referência
CVE-2010-1470
Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read ar
43RISCO
abrir ↗Referência
CVE-2019-5434
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() cal
50RISCO
abrir ↗Referência
CVE-2018-1612
IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and
60RISCO
abrir ↗Referência
CVE-2021-45428
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can uploa
50RISCO
abrir ↗Referência
CVE-2018-9205
Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.
50RISCO
abrir ↗Referência
CVE-2017-6361
QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors.
35RISCO
abrir ↗Referência
CVE-2013-3632
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users
68RISCO
abrir ↗Referência
CVE-2013-3632
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users
68RISCO
abrir ↗Referência
Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server
53RISCO
abrir ↗Referência
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server
53RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.