Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit500
Java Applet ProviderSkeleton Insecure Invoke Method
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and
60RISCO
abrir ↗Metasploit300
Canon Printer Wireless Configuration Disclosure
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX9
18RISCO
abrir ↗Metasploit300
Canon Wireless Printer Denial Of Service
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause
23RISCO
abrir ↗Metasploit500
FreeBSD 9 Address Space Manipulation Privilege Escalation
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEAS
38RISCO
abrir ↗Metasploit600
Havalite CMS Arbitary File Upload Vulnerability
Havalite CMS Arbitary File Upload RCE
63RISCO
abrir ↗Metasploit600
LibrettoCMS File Manager Arbitary File Upload Vulnerability
LibrettoCMS File Manager Arbitrary File Upload
63RISCO
abrir ↗Metasploit600
HP System Management Homepage JustGetSNMPQueue Command Injection
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands vi
50RISCO
abrir ↗Metasploit600
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
ZPanel <= 10.0.0.2 htpasswd Module Username Command Execution
36RISCO
abrir ↗Metasploit600
ZPanel zsudo Local Privilege Escalation Exploit
ZPanel zsudo Local Privilege Escalation
36RISCO
abrir ↗Metasploit600
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote
43RISCO
abrir ↗Metasploit300
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users w
43RISCO
abrir ↗Metasploit600
Netgear DGN1000 Setup.cgi Unauthenticated RCE
NETGEAR DGN setup.cgi OS Command Injection
68RISCO
abrir ↗Metasploit300
HP Data Protector Cell Request Service Buffer Overflow
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb
60RISCO
abrir ↗Metasploit300
Monkey HTTPD Header Parsing Denial of Service (DoS)
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) be
23RISCO
abrir ↗Metasploit300
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
Synactis PDF In-The-Box ConnectToSynactic Stack-Based Buffer Overflow
36RISCO
abrir ↗Metasploit0
Intrasrv 1.0 Buffer Overflow
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET o
30RISCO
abrir ↗Metasploit500
Apache Struts includeParams Remote Code Execution
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISCO
abrir ↗Metasploit500
Apache Struts includeParams Remote Code Execution
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not
60RISCO
abrir ↗Metasploit300
ERS Viewer 2013 ERS File Handling Buffer Overflow
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.
50RISCO
abrir ↗Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISCO
abrir ↗Metasploit300
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a de
50RISCO
abrir ↗Metasploit300
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of s
50RISCO
abrir ↗Metasploit200
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2
38RISCO
abrir ↗Metasploit300
Java JMX Server Insecure Endpoint Code Execution Scanner
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISCO
abrir ↗Metasploit600
Java JMX Server Insecure Configuration Java Code Execution
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not r
60RISCO
abrir ↗Metasploit200
Kimai v0.9.2 'db_restore.php' SQL Injection
Kimai 0.9.2 db_restore.php SQL Injection
63RISCO
abrir ↗Metasploit200
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo
98RISCO
abrir ↗Metasploit600
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers t
50RISCO
abrir ↗Metasploit600
Mutiny 5 Arbitrary File Upload
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISCO
abrir ↗Metasploit300
Mutiny 5 Arbitrary File Read and Delete
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow
50RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.