Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.841 exploits
Referência
CVE-2016-3222
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a
35RISCO
abrir ↗Referência
CVE-2016-3222
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a
35RISCO
abrir ↗Referência
CVE-2015-4553
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.
35RISCO
abrir ↗Referência
CVE-2010-3971
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in msh
60RISCO
abrir ↗Referência
CVE-2010-3971
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in msh
60RISCO
abrir ↗Referência
CVE-2017-6527
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal att
50RISCO
abrir ↗Referência
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 200
35RISCO
abrir ↗Referência
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) (MS08-021)
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 200
35RISCO
abrir ↗Referência
CVE-2015-3080
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows
35RISCO
abrir ↗Referência
CVE-2015-4074
Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read ar
50RISCO
abrir ↗Referência
CVE-2015-4074
Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read ar
50RISCO
abrir ↗Referência
Postcast Server Pro 3.0.61 / Quiksoft EasyMail - 'emsmtp.dll 6.0.1' Remote Buffer Overflow
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used
50RISCO
abrir ↗Referência
CVE-2016-0784
Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1
35RISCO
abrir ↗Referência
CVE-2016-0784
Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1
35RISCO
abrir ↗Referência
CVE-2018-17173
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getT
50RISCO
abrir ↗Referência
CVE-2018-17173
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getT
50RISCO
abrir ↗Referência
CVE-2018-17173
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getT
50RISCO
abrir ↗Referência
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Overflow
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSC
35RISCO
abrir ↗Referência
CVE-2015-1701
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local
98RISCO
abrir ↗Referência
CVE-2015-1701
Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local
98RISCO
abrir ↗Referência★ 19
watchtowrlabs/watchTowr-vs-FortiSIEM-CVE-2025-25256
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in
75RISCO
abrir ↗Referência
CVE-2015-0313
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows
100RISCO
abrir ↗Referência
CVE-2013-1469
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbit
35RISCO
abrir ↗Referência
TP-Link Router AX50 firmware 210730 - Remote Code Execution (RCE) (Authenticated)
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote
35RISCO
abrir ↗Referência
CVE-2017-6019
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830
35RISCO
abrir ↗Referência
CVE-2013-1469
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbit
35RISCO
abrir ↗Referência
CVE-2019-9053
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve
35RISCO
abrir ↗Referência
CVE-2010-1472
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attac
43RISCO
abrir ↗Referência
CVE-2010-2115
SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connections) via a crafted
50RISCO
abrir ↗Referência
CVE-2019-5825
Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploi
90RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.