Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit400
Supermicro Onboard IPMI close_window.cgi Buffer Overflow
CVE-2013-362306 nov 2013
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Managemen
60RISCO
abrir
Metasploit200
MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
CVE-2013-3906HIGHsob ataque05 nov 2013
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compati
100RISCO
abrir
Metasploit600
Gitlab-shell Code Execution
CVE-2013-449004 nov 2013
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x
50RISCO
abrir
Metasploit300
Watermark Master Buffer Overflow (SEH)
CVE-2013-693501 nov 2013
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a
50RISCO
abrir
Metasploit600
Apache Roller OGNL Injection
CVE-2013-421231 out 2013
Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute
60RISCO
abrir
Metasploit600
Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
CVE-2013-695531 out 2013
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before
60RISCO
abrir
Metasploit600
Zabbix Authenticated Remote Command Execution
CVE-2013-362830 out 2013
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
50RISCO
abrir
Metasploit600
OpenMediaVault rpc.php Authenticated Cron Remote Code Execution
CVE-2013-3632HIGH30 out 2013
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users
68RISCO
abrir
Metasploit500
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
CVE-2014-391430 out 2013
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows
60RISCO
abrir
Metasploit300
Openbravo ERP XXE Arbitrary File Read
CVE-2013-361730 out 2013
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML
43RISCO
abrir
Metasploit600
HP LoadRunner EmulationAdmin Web Service Directory Traversal
CVE-2013-483730 out 2013
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arb
50RISCO
abrir
Metasploit600
ISPConfig Authenticated Arbitrary PHP Code Execution
CVE-2013-362930 out 2013
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution
50RISCO
abrir
Metasploit600
vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution
CVE-2013-359130 out 2013
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
50RISCO
abrir
Metasploit500
HP SiteScope issueSiebelCmd Remote Code Execution
CVE-2013-483530 out 2013
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authenti
60RISCO
abrir
Metasploit600
Moodle Authenticated Spelling Binary RCE
CVE-2013-363030 out 2013
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell
50RISCO
abrir
Metasploit500
NAS4Free Arbitrary Remote Code Execution
CVE-2013-363130 out 2013
NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.p
43RISCO
abrir
Metasploit600
Moodle Authenticated Spelling Binary RCE
CVE-2013-434130 out 2013
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, an
43RISCO
abrir
Metasploit300
VideoCharge Studio Buffer Overflow (SEH)
CVE-2025-34123HIGH27 out 2013
VideoCharge Studio 2.12.3.685 SEH Buffer Overflow via .VSC File
36RISCO
abrir
Metasploit600
ProcessMaker Open Source Authenticated PHP Code Execution
CVE-2013-10035HIGH24 out 2013
ProcessMaker Open Source < 2.5.2 neoclassic Skin PHP Code Execution
36RISCO
abrir
Metasploit600
VICIdial Manager Send OS Command Injection
CVE-2013-446823 out 2013
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execut
50RISCO
abrir
Metasploit600
VICIdial Manager Send OS Command Injection
CVE-2013-446723 out 2013
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-40
50RISCO
abrir
Metasploit300
Node.js HTTP Pipelining Denial of Service
CVE-2013-445018 out 2013
The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of se
30RISCO
abrir
Metasploit600
WebTester 5.x Command Execution
CVE-2013-10037CRITICAL17 out 2013
WebTester 5.x install2.php Unauthenticated Command Execution
63RISCO
abrir
Metasploit300
Beetel Connection Manager NetConfig.ini Buffer Overflow
CVE-2013-10036HIGH12 out 2013
Beetel Connection Manager NetConfig.ini Stack-Based Buffer Overflow
36RISCO
abrir
Metasploit300
Android Settings Remove Device Locks (4.0-4.3)
CVE-2013-627111 out 2013
Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted ap
18RISCO
abrir
Metasploit300
vBulletin Administrator Account Creation
CVE-2013-612909 out 2013
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the
50RISCO
abrir
Metasploit300
ALLPlayer M3U Buffer Overflow
CVE-2013-740909 out 2013
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possib
50RISCO
abrir
Metasploit600
HP Intelligent Management Center BIMS UploadServlet Directory Traversal
CVE-2013-482208 out 2013
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Soft
50RISCO
abrir
Metasploit200
Windows TrackPopupMenuEx Win32k NULL Page
CVE-2013-388108 out 2013
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to ga
43RISCO
abrir
Metasploit300
MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free
CVE-2013-3897HIGHsob ataque08 out 2013
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allo
100RISCO
abrir
anteriorpágina 61 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.