Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.841 exploits
Referência
CVE-2017-8751
Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user
35RISCO
abrir ↗Referência
CVE-2017-8594
Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute
35RISCO
abrir ↗Referência
CVE-2014-7285
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to exe
50RISCO
abrir ↗Referência
CVE-2014-7285
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to exe
50RISCO
abrir ↗Referência
CVE-2017-6465
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP serv
50RISCO
abrir ↗Referência
CVE-2017-6465
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP serv
50RISCO
abrir ↗Referência
CVE-2017-8541
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
35RISCO
abrir ↗Referência
CVE-2017-8538
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
35RISCO
abrir ↗Referência
CVE-2018-9126
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and conseque
35RISCO
abrir ↗Referência
CVE-2018-9126
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and conseque
35RISCO
abrir ↗Referência
CVE-2016-6435
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via
50RISCO
abrir ↗Referência
CVE-2017-14492
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut
45RISCO
abrir ↗Referência
CVE-2018-0770
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitra
45RISCO
abrir ↗Referência
CVE-2017-1000083
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to e
50RISCO
abrir ↗Referência
CVE-2018-8096
Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admin access) via '"Name
35RISCO
abrir ↗Referência
CVE-2016-6909
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9
35RISCO
abrir ↗Referência
CVE-2016-6909
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9
35RISCO
abrir ↗Referência
CVE-2016-3313
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote at
35RISCO
abrir ↗Referência
CVE-2015-2994
Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows remote administrators t
50RISCO
abrir ↗Referência
CVE-2017-8682
Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold a
35RISCO
abrir ↗Referência
CVE-2016-0189
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other
100RISCO
abrir ↗Referência
CVE-2018-12604
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_d
28RISCO
abrir ↗Referência
CVE-2017-16720
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within th
35RISCO
abrir ↗Referência
CVE-2022-36633
Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ss
35RISCO
abrir ↗Referência
CVE-2022-36633
Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ss
35RISCO
abrir ↗Referência
CVE-2017-11890
Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Win
35RISCO
abrir ↗Referência
CVE-2018-16323
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that ha
35RISCO
abrir ↗Referência
CVE-2015-6967
Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to
50RISCO
abrir ↗Referência
CVE-2016-4010
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary
60RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.