Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit600
HP Intelligent Management Center BIMS UploadServlet Directory Traversal
CVE-2013-482208 out 2013
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Soft
50RISCO
abrir
Metasploit600
FlashChat Arbitrary File Upload
CVE-2013-10038CRITICAL04 out 2013
FlashChat Arbitrary File Upload RCE
63RISCO
abrir
Metasploit600
ClipBucket Remote Code Execution
CVE-2013-10040CRITICAL04 out 2013
ClipBucket <= 2.6 ofc_upload_image.php Arbitrary File Upload RCE
63RISCO
abrir
Metasploit600
GestioIP Remote Command Execution
CVE-2013-10039HIGH04 out 2013
GestioIP 3.0 ip_checkhost.cgi RCE
36RISCO
abrir
Metasploit600
ibstat $PATH Privilege Escalation
CVE-2013-401124 set 2013
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, a
38RISCO
abrir
Metasploit600
Zabbix 2.0.8 SQL Injection and Remote Code Execution
CVE-2013-574323 set 2013
Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.
60RISCO
abrir
Metasploit600
ZeroShell Remote Code Execution
CVE-2009-054522 set 2013
cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell meta
60RISCO
abrir
Metasploit600
Cisco Prime Data Center Network Manager Arbitrary File Upload
CVE-2013-548618 set 2013
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager
60RISCO
abrir
Metasploit300
MS13-080 Microsoft Internet Explorer SetMouseCapture Use-After-Free
CVE-2013-3893HIGHsob ataque17 set 2013
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 throug
100RISCO
abrir
Metasploit0
Astium Remote Code Execution
CVE-2013-10043CRITICAL17 set 2013
Astium VOIP PBX <= 2.1 SQL Injection File Upload RCE
63RISCO
abrir
Metasploit600
F5 iControl Remote Root Command Execution
CVE-2014-292817 set 2013
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5
50RISCO
abrir
Metasploit600
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
CVE-2013-10044HIGH16 set 2013
OpenEMR ≤ 4.1.1 SQL Injection Privilege Escalation and RCE
36RISCO
abrir
Metasploit0
GLPI install.php Remote Command Execution
CVE-2013-569612 set 2013
inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installati
38RISCO
abrir
Metasploit600
MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution
CVE-2013-0810HIGH10 set 2013
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote a
68RISCO
abrir
Metasploit300
MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
CVE-2013-320510 set 2013
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (
50RISCO
abrir
Metasploit600
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
CVE-2013-481209 set 2013
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0,
50RISCO
abrir
Metasploit600
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
CVE-2013-481109 set 2013
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4
60RISCO
abrir
Metasploit600
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
CVE-2013-498306 set 2013
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows
60RISCO
abrir
Metasploit600
Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation
CVE-2013-498406 set 2013
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1
38RISCO
abrir
Metasploit600
Android get_user/put_user Exploit
CVE-2013-6282HIGHsob ataque06 set 2013
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not
98RISCO
abrir
Metasploit300
HTTP Client LAN IP Address Gather
CVE-2018-684905 set 2013
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client informati
50RISCO
abrir
Metasploit600
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
CVE-2013-206804 set 2013
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow re
50RISCO
abrir
Metasploit600
VMWare Setuid vmware-mount Unsafe popen(3)
CVE-2013-166222 ago 2013
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allo
38RISCO
abrir
Metasploit300
freeFTPd PASS Command Buffer Overflow
CVE-2013-10042CRITICAL20 ago 2013
freeFTPd <= 1.0.10 PASS Command Stack-Based Buffer Overflow
63RISCO
abrir
Metasploit600
Graphite Web Unsafe Pickle Handling
CVE-2013-509320 ago 2013
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python
50RISCO
abrir
Metasploit500
Java storeImageArray() Invalid Array Indexing Vulnerability
CVE-2013-2465CRITICALsob ataqueransomware12 ago 2013
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 U
100RISCO
abrir
Metasploit300
Adobe Reader ToolButton Use After Free
CVE-2013-3346HIGHsob ataque08 ago 2013
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitr
100RISCO
abrir
Metasploit500
Adobe ColdFusion RDS Authentication Bypass
CVE-2013-0632CRITICALsob ataque08 ago 2013
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and pos
100RISCO
abrir
Metasploit300
Adobe Reader ToolButton Use After Free
CVE-2013-3346HIGHsob ataque08 ago 2013
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitr
100RISCO
abrir
Metasploit600
OpenX Backdoor PHP Code Execution
CVE-2013-421107 ago 2013
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, wh
60RISCO
abrir
anteriorpágina 62 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.