Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RISCO
abrir ↗Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
50RISCO
abrir ↗Metasploit600
Squash YAML Code Execution
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter t
50RISCO
abrir ↗Metasploit600
Agnitum Outpost Internet Security Local Privilege Escalation
Agnitum Outpost Internet Security Local Privilege Escalation
36RISCO
abrir ↗Metasploit600
Joomla Media Manager File Upload Vulnerability
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before
50RISCO
abrir ↗Metasploit0
HP SiteScope Remote Code Execution
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu
50RISCO
abrir ↗Metasploit300
HP LoadRunner magentproc.exe Overflow
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISCO
abrir ↗Metasploit300
Chasys Draw IES Buffer Overflow
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote atta
50RISCO
abrir ↗Metasploit300
Cogent DataHub HTTP Server Buffer Overflow
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befor
23RISCO
abrir ↗Metasploit600
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacha
60RISCO
abrir ↗Metasploit300
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISCO
abrir ↗Metasploit300
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISCO
abrir ↗Metasploit600
Oracle Endeca Server Remote Command Execution
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows rem
50RISCO
abrir ↗Metasploit0
NETGEAR ReadyNAS Perl Code Evaluation
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RISCO
abrir ↗Metasploit600
Linksys Devices pingstr Remote Command Injection
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentica
43RISCO
abrir ↗Metasploit300
Ultra Mini HTTPD Stack Buffer Overflow
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RISCO
abrir ↗Metasploit300
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
100RISCO
abrir ↗Metasploit300
Corel PDF Fusion Stack Buffer Overflow
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wi
43RISCO
abrir ↗Metasploit300
D-Link Devices UPnP SOAP Command Execution
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien
100RISCO
abrir ↗Metasploit600
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a
100RISCO
abrir ↗Metasploit600
Nodejs js-yaml load() Code Execution
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
43RISCO
abrir ↗Metasploit300
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attacke
50RISCO
abrir ↗Metasploit300
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
50RISCO
abrir ↗Metasploit300
PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RISCO
abrir ↗Metasploit600
Horde Framework Unserialize PHP Code Execution
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to c
50RISCO
abrir ↗Metasploit600
InstantCMS 1.6 Remote PHP Code Execution
InstantCMS <= 1.6 Remote PHP Code Execution
63RISCO
abrir ↗Metasploit300
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before
98RISCO
abrir ↗Metasploit300
MediaCoder .M3U Buffer Overflow
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RISCO
abrir ↗Metasploit300
IPMI 2.0 Cipher Zero Authentication Bypass Scanner
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands b
23RISCO
abrir ↗Metasploit300
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote
60RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.