Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit500
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
CVE-2013-273014 mai 2013
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attacke
60RISCO
abrir
Metasploit600
Firefox toString console.time Privileged Javascript Injection
CVE-2013-171014 mai 2013
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird befo
50RISCO
abrir
Metasploit500
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
CVE-2013-202807 mai 2013
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cau
60RISCO
abrir
Metasploit300
ColdFusion 'password.properties' Hash Extraction
CVE-2013-333607 mai 2013
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files
60RISCO
abrir
Metasploit400
MS13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability
CVE-2013-1347HIGHsob ataque03 mai 2013
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbit
100RISCO
abrir
Metasploit300
AudioCoder .M3U Buffer Overflow
CVE-2017-887001 mai 2013
Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file.
43RISCO
abrir
Metasploit300
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
CVE-2012-594626 abr 2013
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attac
50RISCO
abrir
Metasploit600
phpMyAdmin Authenticated Remote Code Execution via preg_replace()
CVE-2013-323825 abr 2013
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a
43RISCO
abrir
Metasploit300
ERS Viewer 2011 ERS File Handling Buffer Overflow
CVE-2013-072623 abr 2013
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 1
43RISCO
abrir
Metasploit600
D-Link Devices Unauthenticated Remote Command Execution
CVE-2013-10050HIGH22 abr 2013
D-Link Devices tools_vct.xgi Authenticated RCE
36RISCO
abrir
Metasploit200
Tincd Post-Authentication Remote TCP Stack Buffer Overflow
CVE-2013-142822 abr 2013
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pr
50RISCO
abrir
Metasploit600
WordPress W3 Total Cache PHP Code Execution
CVE-2013-201017 abr 2013
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
60RISCO
abrir
Metasploit600
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
CVE-2013-155916 abr 2013
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.
50RISCO
abrir
Metasploit600
Ruby on Rails Known Secret Session Cookie Remote Code Execution
CVE-2013-015611 abr 2013
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an
60RISCO
abrir
Metasploit600
MiniWeb (Build 300) Arbitrary File Upload
CVE-2013-10047CRITICAL09 abr 2013
MiniWeb <= Build 300 Arbitrary File Upload
43RISCO
abrir
Metasploit600
ABB MicroSCADA wserver.exe Remote Code Execution
CVE-2019-562005 abr 2013
ABB MicroSCADA Pro SYS600 Missing Authentication for Critical Function
40RISCO
abrir
Metasploit300
Sophos Web Protection Appliance patience.cgi Directory Traversal
CVE-2013-264103 abr 2013
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read
60RISCO
abrir
Metasploit300
MiniUPnPd 1.4 Denial of Service (DoS) Exploit
CVE-2013-022927 mar 2013
The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attacke
60RISCO
abrir
Metasploit300
MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution
CVE-2013-023027 mar 2013
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP
50RISCO
abrir
Metasploit600
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
CVE-2013-321526 mar 2013
vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in
50RISCO
abrir
Metasploit600
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
CVE-2013-321426 mar 2013
vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.
60RISCO
abrir
Metasploit600
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
CVE-2013-352225 mar 2013
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier
43RISCO
abrir
Metasploit300
vBulletin Password Collector via nodeid SQL Injection
CVE-2013-352224 mar 2013
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier
43RISCO
abrir
Metasploit300
MongoDB nativeHelper.apply Remote Code Execution
CVE-2013-189224 mar 2013
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMo
50RISCO
abrir
Metasploit500
Novell ZENworks Configuration Management Remote Execution
CVE-2013-108022 mar 2013
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform a
60RISCO
abrir
Metasploit300
Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service
CVE-2013-10065HIGH17 mar 2013
Sysax Multi-Server <= 6.10 SSHD Key Exchange DoS
36RISCO
abrir
Metasploit600
Novell Zenworks Mobile Managment MDM.php Local File Inclusion Vulnerability
CVE-2013-108113 mar 2013
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote at
50RISCO
abrir
Metasploit300
MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
CVE-2013-0074HIGHsob ataqueransomware12 mar 2013
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML obj
100RISCO
abrir
Metasploit300
MS13-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
CVE-2013-3896MEDIUMsob ataque12 mar 2013
Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, wh
90RISCO
abrir
Metasploit600
GroundWork monarch_scan.cgi OS Command Injection
CVE-2013-350208 mar 2013
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to ex
50RISCO
abrir
anteriorpágina 65 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.