Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
CVE-2013-171006 ago 2013
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RISCO
abrir
Metasploit600
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
CVE-2012-399306 ago 2013
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbi
50RISCO
abrir
Metasploit600
Squash YAML Code Execution
CVE-2013-503606 ago 2013
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter t
50RISCO
abrir
Metasploit600
Agnitum Outpost Internet Security Local Privilege Escalation
CVE-2013-10046HIGH02 ago 2013
Agnitum Outpost Internet Security Local Privilege Escalation
36RISCO
abrir
Metasploit600
Joomla Media Manager File Upload Vulnerability
CVE-2013-557601 ago 2013
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before
50RISCO
abrir
Metasploit0
HP SiteScope Remote Code Execution
CVE-2013-236729 jul 2013
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu
50RISCO
abrir
Metasploit300
HP LoadRunner magentproc.exe Overflow
CVE-2013-480027 jul 2013
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISCO
abrir
Metasploit300
Chasys Draw IES Buffer Overflow
CVE-2013-392826 jul 2013
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote atta
50RISCO
abrir
Metasploit300
Cogent DataHub HTTP Server Buffer Overflow
CVE-2013-068026 jul 2013
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub befor
23RISCO
abrir
Metasploit600
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
CVE-2013-682926 jul 2013
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacha
60RISCO
abrir
Metasploit300
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
CVE-2013-479824 jul 2013
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISCO
abrir
Metasploit300
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
CVE-2013-237024 jul 2013
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
50RISCO
abrir
Metasploit600
Oracle Endeca Server Remote Command Execution
CVE-2013-376316 jul 2013
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows rem
50RISCO
abrir
Metasploit0
NETGEAR ReadyNAS Perl Code Evaluation
CVE-2013-275112 jul 2013
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator
60RISCO
abrir
Metasploit600
Linksys Devices pingstr Remote Command Injection
CVE-2013-356812 jul 2013
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentica
43RISCO
abrir
Metasploit300
Ultra Mini HTTPD Stack Buffer Overflow
CVE-2013-501910 jul 2013
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RISCO
abrir
Metasploit300
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
CVE-2013-3163HIGHsob ataque09 jul 2013
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
100RISCO
abrir
Metasploit300
Corel PDF Fusion Stack Buffer Overflow
CVE-2013-324808 jul 2013
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wi
43RISCO
abrir
Metasploit300
D-Link Devices UPnP SOAP Command Execution
CVE-2014-8361CRITICALsob ataque05 jul 2013
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClien
100RISCO
abrir
Metasploit600
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
CVE-2013-2251CRITICALsob ataque02 jul 2013
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a
100RISCO
abrir
Metasploit600
Nodejs js-yaml load() Code Execution
CVE-2013-466028 jun 2013
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic
43RISCO
abrir
Metasploit300
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
CVE-2013-234328 jun 2013
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attacke
50RISCO
abrir
Metasploit300
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
CVE-2013-318427 jun 2013
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service
50RISCO
abrir
Metasploit300
PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
CVE-2013-473027 jun 2013
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USE
50RISCO
abrir
Metasploit600
Horde Framework Unserialize PHP Code Execution
CVE-2014-169127 jun 2013
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to c
50RISCO
abrir
Metasploit600
InstantCMS 1.6 Remote PHP Code Execution
CVE-2013-10051CRITICAL26 jun 2013
InstantCMS <= 1.6 Remote PHP Code Execution
63RISCO
abrir
Metasploit300
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
CVE-2013-1690HIGHsob ataque25 jun 2013
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before
98RISCO
abrir
Metasploit300
MediaCoder .M3U Buffer Overflow
CVE-2017-886924 jun 2013
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RISCO
abrir
Metasploit300
IPMI 2.0 Cipher Zero Authentication Bypass Scanner
CVE-2013-478220 jun 2013
The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands b
23RISCO
abrir
Metasploit300
IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval
CVE-2013-478620 jun 2013
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote
60RISCO
abrir
anteriorpágina 63 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.