Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
3.462 exploits
Metasploit300
Firebird Relational Database CNCT Group Number Buffer Overflow
CVE-2013-249231 jan 2013
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windo
50RISCO
abrir
Metasploit300
Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
CVE-2012-043930 jan 2013
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows r
50RISCO
abrir
Metasploit300
Portable UPnP SDK unique_service_name() Remote Code Execution
CVE-2012-595829 jan 2013
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable
60RISCO
abrir
Metasploit600
Ruby on Rails JSON Processor YAML Deserialization Code Execution
CVE-2013-033328 jan 2013
lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly
60RISCO
abrir
Metasploit300
Ruby on Rails Devise Authentication Password Reset
CVE-2013-023328 jan 2013
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certa
23RISCO
abrir
Metasploit600
DataLife Engine preview.php PHP Code Injection
CVE-2013-141228 jan 2013
DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/pr
50RISCO
abrir
Metasploit600
ZoneMinder Video Server packageControl Command Execution
CVE-2013-023222 jan 2013
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitra
50RISCO
abrir
Metasploit300
GE Proficy Cimplicity WebView substitute.bcl Directory Traversal
CVE-2013-065322 jan 2013
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy
23RISCO
abrir
Metasploit600
Java Applet JMX Remote Code Execution
CVE-2013-0431MEDIUMsob ataqueransomware19 jan 2013
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and Ope
100RISCO
abrir
Metasploit0
Linksys WRT54GL apply.cgi Command Execution
CVE-2005-279918 jan 2013
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote
60RISCO
abrir
Metasploit600
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
CVE-2013-092818 jan 2013
The NetWorker command processor in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote
50RISCO
abrir
Metasploit300
Cool PDF Image Stream Buffer Overflow
CVE-2012-491418 jan 2013
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a P
43RISCO
abrir
Metasploit300
Polycom Command Shell Authorization Bypass
CVE-2012-661018 jan 2013
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitra
23RISCO
abrir
Metasploit300
Linksys WRT54GL Remote Command Execution
CVE-2023-31742HIGH18 jan 2013
There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attack
36RISCO
abrir
Metasploit600
PHP-Charts v1.0 PHP Code Execution Vulnerability
CVE-2013-10070CRITICAL16 jan 2013
PHP-Charts v1.0 PHP Code Execution
63RISCO
abrir
Metasploit600
Java Applet JMX Remote Code Execution
CVE-2013-0422CRITICALsob ataqueransomware10 jan 2013
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using
100RISCO
abrir
Metasploit600
Java Applet Reflection Type Confusion Remote Code Execution
CVE-2013-2423LOWsob ataque10 jan 2013
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and
95RISCO
abrir
Metasploit600
Java Applet Driver Manager Privileged toString() Remote Code Execution
CVE-2013-148810 jan 2013
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remo
60RISCO
abrir
Metasploit300
BigAnt Server 2 SCH And DUPF Buffer Overflow
CVE-2012-627509 jan 2013
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have
50RISCO
abrir
Metasploit600
BigAnt Server DUPF Command Arbitrary File Upload
CVE-2012-627409 jan 2013
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to
50RISCO
abrir
Metasploit300
Firefox XMLSerializer Use After Free
CVE-2013-075308 jan 2013
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox b
50RISCO
abrir
Metasploit600
Firefox 17.0.1 Flash Privileged Code Injection
CVE-2013-075708 jan 2013
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbi
50RISCO
abrir
Metasploit600
Firefox 17.0.1 Flash Privileged Code Injection
CVE-2013-075808 jan 2013
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderb
60RISCO
abrir
Metasploit300
Foxit Reader Plugin URL Processing Buffer Overflow
CVE-2013-10068CRITICAL07 jan 2013
Foxit Reader <= 5.4.5.0114 Plugin URL Processing Buffer Overflow
43RISCO
abrir
Metasploit600
Ruby on Rails XML Processor YAML Deserialization Code Execution
CVE-2013-015607 jan 2013
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, an
60RISCO
abrir
Metasploit600
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
CVE-2013-020907 jan 2013
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for reque
50RISCO
abrir
Metasploit600
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
CVE-2012-631507 jan 2013
15RISCO
abrir
Metasploit300
WordPress Plugin Google Document Embedder Arbitrary File Disclosure
CVE-2012-491503 jan 2013
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers t
50RISCO
abrir
Metasploit300
Simple Web Server 2.3-RC1 Directory Traversal
CVE-2002-186403 jan 2013
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitra
23RISCO
abrir
Metasploit600
eXtplorer v2.1 Arbitrary File Upload Vulnerability
CVE-2012-671031 dez 2012
ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empt
23RISCO
abrir
anteriorpágina 67 / 116próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.