Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.841 exploits
Referência
CVE-2013-2143
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update
50RISCO
abrir ↗Referência
CVE-2013-2143
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update
50RISCO
abrir ↗Referência
Microsoft Excel 2000/2003 - Sheet Name (PoC)
Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified
35RISCO
abrir ↗Referência
CVE-2011-5130
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers t
50RISCO
abrir ↗Referência
CVE-2022-31188
Server-Side Request Forgery Vulnerability in Computer Vision Annotation Tool (CVAT)
53RISCO
abrir ↗Referência
CVE-2023-50919
An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string
75RISCO
abrir ↗Referência
CVE-2012-4361
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to exe
50RISCO
abrir ↗Referência
CVE-2012-4361
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to exe
50RISCO
abrir ↗Referência
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin
50RISCO
abrir ↗Referência
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin
50RISCO
abrir ↗Referência
CVE-2012-3569
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Pl
50RISCO
abrir ↗Referência
CVE-2013-2094
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data t
83RISCO
abrir ↗Referência
CVE-2013-2094
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data t
83RISCO
abrir ↗Referência
CVE-2018-1000811
bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages
35RISCO
abrir ↗Referência
CVE-2015-3093
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460
35RISCO
abrir ↗Referência
CVE-2018-8544
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows
35RISCO
abrir ↗Referência
CVE-2011-5130
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers t
50RISCO
abrir ↗Referência
CVE-2025-32463
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir ↗Referência
CVE-2010-0985
Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote atta
43RISCO
abrir ↗Referência
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticat
50RISCO
abrir ↗Referência
jetAudio 7.x - ActiveX 'DownloadFromMusicStore()' Code Execution
Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic an
35RISCO
abrir ↗Referência
CVE-2016-3316
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbitrary code via a craf
35RISCO
abrir ↗Referência
CVE-2014-2299
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10
50RISCO
abrir ↗Referência
CVE-2014-2299
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10
50RISCO
abrir ↗Referência
Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service
PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 a
35RISCO
abrir ↗Referência
CVE-2014-2962
Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware befor
50RISCO
abrir ↗Referência
CVE-2023-30258
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary com
85RISCO
abrir ↗Referência
CVE-2020-10914
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.
75RISCO
abrir ↗Referência
Cain & Abel 4.9.23 - '.rdp' Buffer Overflow (PoC)
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier,
50RISCO
abrir ↗Referência
Cain & Abel 4.9.24 - '.rdp' Local Stack Overflow
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier,
50RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.