Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
19.841 exploits
Referência
CVE-2019-13272
CVE-2019-13272HIGHsob ataque
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISCO
abrir
Referência
CVE-2016-4117
CVE-2016-4117HIGHsob ataque
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as
100RISCO
abrir
Referência
CVE-2017-1000486
CVE-2017-1000486CRITICALsob ataque
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
100RISCO
abrir
Referência
CVE-2022-31470
An XSS vulnerability in the index_mobile_changepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12
50RISCO
abrir
Referência
Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Denial of Service (PoC)
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and
50RISCO
abrir
Referência
Microsoft Works 7 - 'WkImgSrv.dll' ActiveX Remote Buffer Overflow
A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and
50RISCO
abrir
Referência
CVE-2010-1622
SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote at
35RISCO
abrir
Referência
CVE-2019-13068
public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the
35RISCO
abrir
Referência
CVE-2011-4075
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary
50RISCO
abrir
Referência
CVE-2025-40552
SolarWinds Web Help Desk Authentication Bypass Vulnerability
75RISCO
abrir
Referência
CVE-2011-0522
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/code
35RISCO
abrir
Referência
PHPNews 0.93 - 'format_menue' Remote File Inclusion
PHP remote file inclusion vulnerability in admin/inc/change_action.php in Andreas Robertz PHPNews 0.93 allows remote att
35RISCO
abrir
Referência
CVE-2014-9308
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka Wor
50RISCO
abrir
Referência
CVE-2014-9308
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka Wor
50RISCO
abrir
Referência
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express
35RISCO
abrir
Referência
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service (Metasploit)
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express
35RISCO
abrir
Referência
CVE-2017-8731
Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the
35RISCO
abrir
Referência
CVE-2016-2388
CVE-2016-2388MEDIUMsob ataque
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user infor
75RISCO
abrir
Referência
CVE-2016-2388
CVE-2016-2388MEDIUMsob ataque
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user infor
75RISCO
abrir
Referência
CVE-2016-2388
CVE-2016-2388MEDIUMsob ataque
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user infor
75RISCO
abrir
Referência
CVE-2016-2388
CVE-2016-2388MEDIUMsob ataque
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user infor
75RISCO
abrir
Referência
CVE-2016-8740
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2
45RISCO
abrir
Referência
CVE-2015-1833
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.
35RISCO
abrir
Referência
CVE-2015-1833
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.
35RISCO
abrir
Referência
CVE-2024-7314
anji-plus AJ-Report Authentication Bypass
75RISCO
abrir
Referência
CVE-2024-7314
anji-plus AJ-Report Authentication Bypass
75RISCO
abrir
Referência
CVE-2024-7314
anji-plus AJ-Report Authentication Bypass
75RISCO
abrir
Referência
CVE-2017-8496
Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of
35RISCO
abrir
Referência
CVE-2024-53676
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution
60RISCO
abrir
Referência
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3,
35RISCO
abrir
anteriorpágina 61 / 662próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.