Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit300
Linksys WRT120N tmUnblock Stack Buffer Overflow
CVE-2014-125122MEDIUM19 fev 2014
Linksys WRT120N tmUnblock.cgi Stack-Based Buffer Overflow Admin Password Reset
28RISCO
abrir
Metasploit600
Linksys E-Series TheMoon Remote Command Injection
CVE-2025-34037CRITICAL13 fev 2014
Linksys Routers E/WAG/WAP/WES/WET/WRT-Series
85RISCO
abrir
Metasploit300
MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free
CVE-2014-0322HIGHsob ataque13 fev 2014
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code v
100RISCO
abrir
Metasploit600
Fritz!Box Webcm Unauthenticated Command Injection
CVE-2014-972711 fev 2014
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter t
60RISCO
abrir
Metasploit500
MS14-009 .NET Deployment Service IE Sandbox Escape
CVE-2014-025711 fev 2014
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it
50RISCO
abrir
Metasploit300
Apache Commons FileUpload and Apache Tomcat DoS
CVE-2014-005006 fev 2014
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products,
60RISCO
abrir
Metasploit300
Publish-It PUI Buffer Overflow (SEH)
CVE-2014-098005 fev 2014
Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI f
50RISCO
abrir
Metasploit300
Adobe Flash Player Integer Underflow Remote Code Execution
CVE-2014-0497HIGHsob ataque05 fev 2014
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Ma
100RISCO
abrir
Metasploit600
Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
CVE-2014-125121CRITICAL03 fev 2014
Array Networks vAPV and vxAG Default Credential Privilege Escalation
43RISCO
abrir
Metasploit400
Linux Kernel recvmmsg Privilege Escalation
CVE-2014-003802 fev 2014
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allo
50RISCO
abrir
Metasploit600
Pandora FMS Default Credential / SQLi Remote Code Execution
CVE-2014-125115CRITICAL01 fev 2014
Pandora FMS ≤ 5.0 SP2 Default Credential SQL Injection RCE
63RISCO
abrir
Metasploit600
Zpanel Remote Unauthenticated RCE
CVE-2013-209730 jan 2014
ZPanel through 10.1.0 has Remote Command Execution
43RISCO
abrir
Metasploit600
Pandora FMS Remote Code Execution
CVE-2014-125124CRITICAL29 jan 2014
Pandora FMS <= 5.0RC1 Anyterm Unauthenticated Command Injection
63RISCO
abrir
Metasploit600
MediaWiki Thumb.php Remote Command Execution
CVE-2014-161028 jan 2014
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x before 1.19.11, when DjVu or PDF file upload support is
50RISCO
abrir
Metasploit0
Kloxo SQL Injection and Remote Code Execution
CVE-2014-125123CRITICAL28 jan 2014
Kloxo < 6.1.12 Unauthenticated SQL Injection RCE
43RISCO
abrir
Metasploit300
A10 Networks AX Loadbalancer Directory Traversal
CVE-2014-125125HIGH28 jan 2014
A10 Networks AX Loadbalancer Path Traversal
36RISCO
abrir
Metasploit600
SkyBlueCanvas CMS Remote Code Execution
CVE-2014-168328 jan 2014
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in SkyBlueCanvas CMS before 1.1 r248
50RISCO
abrir
Metasploit300
ManageEngine Support Center Plus Directory Traversal
CVE-2014-10000228 jan 2014
Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arb
50RISCO
abrir
Metasploit600
Simple E-Document Arbitrary File Upload
CVE-2014-125126CRITICAL23 jan 2014
Simple E-Document Arbitrary File Upload RCE
63RISCO
abrir
Metasploit600
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
CVE-2014-075023 jan 2014
GE Proficy HMI/SCADA Path Traversal
78RISCO
abrir
Metasploit0
Firefox Proxy Prototype Privileged Javascript Injection
CVE-2014-863620 jan 2014
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with
50RISCO
abrir
Metasploit0
Firefox Proxy Prototype Privileged Javascript Injection
CVE-2015-080220 jan 2014
Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl
50RISCO
abrir
Metasploit300
Mac OS X Safari file:// Redirection Sandbox Escape
CVE-2015-115516 jan 2014
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allo
23RISCO
abrir
Metasploit500
Oracle Forms and Reports Remote Code Execution
CVE-2012-315315 jan 2014
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and
60RISCO
abrir
Metasploit500
Oracle Forms and Reports Remote Code Execution
CVE-2012-3152CRITICALsob ataque15 jan 2014
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and
100RISCO
abrir
Metasploit400
KingScada kxClientDownload.ocx ActiveX Remote Code Execution
CVE-2013-282714 jan 2014
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before
50RISCO
abrir
Metasploit500
HP AutoPass License Server File Upload
CVE-2013-622110 jan 2014
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoP
60RISCO
abrir
Metasploit600
GetSimpleCMS PHP File Upload Vulnerability
CVE-2013-10032HIGH04 jan 2014
GetSimple CMS 3.2.1 Authenticated RCE via Arbitrary PHP File Upload
36RISCO
abrir
Metasploit600
HP Data Protector Backup Client Service Remote Code Execution
CVE-2013-234702 jan 2014
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary
50RISCO
abrir
Metasploit500
HP Data Protector Backup Client Service Directory Traversal
CVE-2013-619402 jan 2014
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a
50RISCO
abrir
anteriorpágina 59 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.