Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit500
HP Intelligent Management Center Arbitrary File Upload
CVE-2012-520107 mar 2013
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Netw
50RISCO
abrir
Metasploit300
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
CVE-2013-2551HIGHsob ataqueransomware06 mar 2013
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary co
100RISCO
abrir
Metasploit600
D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
CVE-2014-100005HIGHsob ataque05 mar 2013
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b
78RISCO
abrir
Metasploit300
Java CMM Remote Code Execution
CVE-2013-149301 mar 2013
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and
60RISCO
abrir
Metasploit300
Mac OS X Sudo Password Bypass
CVE-2013-177528 fev 2013
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypas
38RISCO
abrir
Metasploit100
Sami FTP Server LIST Command Buffer Overflow
CVE-2008-510627 fev 2013
Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) a
23RISCO
abrir
Metasploit600
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
CVE-2013-010822 fev 2013
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R
43RISCO
abrir
Metasploit600
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
CVE-2013-10066CRITICAL22 fev 2013
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
63RISCO
abrir
Metasploit600
Nagios Remote Plugin Executor Arbitrary Command Execution
CVE-2013-136221 fev 2013
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote att
50RISCO
abrir
Metasploit0
Netgear DGN2200B pppoe.cgi Remote Command Execution
CVE-2013-10060CRITICAL15 fev 2013
Netgear Routers pppoe.cgi RCE
63RISCO
abrir
Metasploit600
OpenEMR PHP File Upload Vulnerability
CVE-2009-414013 fev 2013
Unrestricted file upload vulnerability in ofc_upload_image.php in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer
60RISCO
abrir
Metasploit200
MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
CVE-2013-002513 fev 2013
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a cr
50RISCO
abrir
Metasploit600
Linksys WRT160nv2 apply.cgi Remote Command Injection
CVE-2013-10058HIGH11 fev 2013
Linksys Routers apply.cgi Remote Command Injection
36RISCO
abrir
Metasploit300
Adobe Flash Player Regular Expression Heap Overflow
CVE-2013-063408 fev 2013
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x
60RISCO
abrir
Metasploit300
D-Link hedwig.cgi Buffer Overflow in Cookie Header
CVE-2013-738908 fev 2013
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RISCO
abrir
Metasploit300
D-Link authentication.cgi Buffer Overflow
CVE-2013-738908 fev 2013
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allo
43RISCO
abrir
Metasploit600
D-Link DIR615h OS Command Injection
CVE-2013-10059HIGH07 fev 2013
D-Link Routers tools_vct.htm OS Command Injection
41RISCO
abrir
Metasploit600
Netgear DGN1000B setup.cgi Remote Command Execution
CVE-2013-10061HIGH06 fev 2013
Netgear Routers setup.cgi RCE
36RISCO
abrir
Metasploit600
Linksys E1500/E2500 apply.cgi Remote Command Injection
CVE-2018-3953HIGH05 fev 2013
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RISCO
abrir
Metasploit300
Linksys E1500/E2500 Remote Command Execution
CVE-2018-3953HIGH05 fev 2013
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version
41RISCO
abrir
Metasploit300
ActFax 5.01 RAW Server Buffer Overflow
CVE-2013-10064CRITICAL05 fev 2013
ActFax 5.01 RAW Server Buffer Overflow
63RISCO
abrir
Metasploit300
OpenSSL TLS 1.1 and 1.2 AES-NI DoS
CVE-2012-268605 fev 2013
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 bef
30RISCO
abrir
Metasploit600
Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
CVE-2013-10067CRITICAL05 fev 2013
Glossword 1.8.8 - 1.8.12 Arbitrary File Upload RCE
43RISCO
abrir
Metasploit300
D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution
CVE-2013-10069CRITICAL04 fev 2013
D-Link Devices Unauthenticated RCE
68RISCO
abrir
Metasploit0
Raidsonic NAS Devices Unauthenticated Remote Command Execution
CVE-2013-10049CRITICAL04 fev 2013
Raidsonic NAS Devices Unauthenticated Remote Command Execution
63RISCO
abrir
Metasploit600
D-Link Devices Unauthenticated Remote Command Execution
CVE-2013-10048CRITICAL04 fev 2013
D-Link Devices command.php Unauthenticated RCE
68RISCO
abrir
Metasploit600
SCADA 3S CoDeSys Gateway Server Directory Traversal
CVE-2012-470502 fev 2013
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitr
50RISCO
abrir
Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
CVE-2020-1589301 fev 2013
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled b
23RISCO
abrir
Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
CVE-2019-2021501 fev 2013
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RISCO
abrir
Metasploit600
D-Link Unauthenticated Remote Command Execution using UPnP via a special crafted M-SEARCH packet.
CVE-2023-3362501 fev 2013
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability vi
30RISCO
abrir
anteriorpágina 66 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.