Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit500
HP Intelligent Management Center Arbitrary File Upload
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Netw
50RISCO
abrir ↗Metasploit300
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary co
100RISCO
abrir ↗Metasploit600
D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b
78RISCO
abrir ↗Metasploit300
Java CMM Remote Code Execution
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and
60RISCO
abrir ↗Metasploit300
Mac OS X Sudo Password Bypass
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypas
38RISCO
abrir ↗Metasploit100
Sami FTP Server LIST Command Buffer Overflow
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) a
23RISCO
abrir ↗Metasploit600
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R
43RISCO
abrir ↗Metasploit600
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
63RISCO
abrir ↗Metasploit600
Nagios Remote Plugin Executor Arbitrary Command Execution
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote att
50RISCO
abrir ↗Metasploit0
Netgear DGN2200B pppoe.cgi Remote Command Execution
Netgear Routers pppoe.cgi RCE
63RISCO
abrir ↗Metasploit600
OpenEMR PHP File Upload Vulnerability
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer
60RISCO
abrir ↗Metasploit200
MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a cr
50RISCO
abrir ↗Metasploit600
Linksys WRT160nv2 apply.cgi Remote Command Injection
Linksys Routers apply.cgi Remote Command Injection
36RISCO
abrir ↗Metasploit300
Adobe Flash Player Regular Expression Heap Overflow
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x
60RISCO
abrir ↗Metasploit300
D-Link hedwig.cgi Buffer Overflow in Cookie Header
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RISCO
abrir ↗Metasploit300
D-Link authentication.cgi Buffer Overflow
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RISCO
abrir ↗Metasploit600
D-Link DIR615h OS Command Injection
D-Link Routers tools_vct.htm OS Command Injection
41RISCO
abrir ↗Metasploit600
Netgear DGN1000B setup.cgi Remote Command Execution
Netgear Routers setup.cgi RCE
36RISCO
abrir ↗Metasploit600
Linksys E1500/E2500 apply.cgi Remote Command Injection
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RISCO
abrir ↗Metasploit300
Linksys E1500/E2500 Remote Command Execution
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RISCO
abrir ↗Metasploit300
ActFax 5.01 RAW Server Buffer Overflow
ActFax 5.01 RAW Server Buffer Overflow
63RISCO
abrir ↗Metasploit300
OpenSSL TLS 1.1 and 1.2 AES-NI DoS
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 bef
30RISCO
abrir ↗Metasploit600
Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
Glossword 1.8.8 - 1.8.12 Arbitrary File Upload RCE
43RISCO
abrir ↗Metasploit300
D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution
D-Link Devices Unauthenticated RCE
68RISCO
abrir ↗Metasploit0
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Raidsonic NAS Devices Unauthenticated Remote Command Execution
63RISCO
abrir ↗Metasploit600
D-Link Devices Unauthenticated Remote Command Execution
D-Link Devices command.php Unauthenticated RCE
68RISCO
abrir ↗Metasploit600
SCADA 3S CoDeSys Gateway Server Directory Traversal
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitr
50RISCO
abrir ↗Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled b
23RISCO
abrir ↗Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RISCO
abrir ↗Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability vi
30RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.