Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.181exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
19.841 exploits
Referência
CVE-2015-1587
Unrestricted file upload vulnerability in file_to_index.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earl
50RISCO
abrir
Referência
IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, in
50RISCO
abrir
Referência
IBM Domino Web Access Upload Module - 'dwa7w.dll' Remote Buffer Overflow
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, in
50RISCO
abrir
Referência
IBM Domino Web Access Upload Module - Overwrite (SEH)
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, in
50RISCO
abrir
Referência
CVE-2023-24709
An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and l
53RISCO
abrir
Referência
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.
50RISCO
abrir
Referência
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.
50RISCO
abrir
Referência
CVE-2022-3552
Unrestricted Upload of File with Dangerous Type in boxbilling/boxbilling
53RISCO
abrir
Referência
CVE-2021-3493
CVE-2021-3493HIGHsob ataque
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISCO
abrir
Referência
CVE-2021-3493
CVE-2021-3493HIGHsob ataque
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISCO
abrir
Referência
CVE-2021-3493
CVE-2021-3493HIGHsob ataque
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISCO
abrir
Referência
CVE-2018-0866
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Se
35RISCO
abrir
Referência
CVE-2019-6116
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to
35RISCO
abrir
Referência
CVE-2019-6116
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to
35RISCO
abrir
Referência
CVE-2019-6116
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to
35RISCO
abrir
Referência
CVE-2018-1306
The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote a
35RISCO
abrir
Referência
CVE-2020-13693
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Regi
35RISCO
abrir
Referência
CVE-2014-8687
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root
50RISCO
abrir
Referência
CVE-2014-8687
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root
50RISCO
abrir
Referência
CVE-2014-8687
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root
50RISCO
abrir
Referência
CVE-2014-8687
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root
50RISCO
abrir
Referência
CVE-2018-8625
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows
35RISCO
abrir
Referência
CVE-2021-31642
A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including B
35RISCO
abrir
Referência
Microsoft Office Products - Array Index Bounds Error (PoC)
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of
35RISCO
abrir
Referência
CVE-2016-0111
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a
35RISCO
abrir
Referência
CVE-2017-8558
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Micr
35RISCO
abrir
Referência
CVE-2016-3225
The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,
50RISCO
abrir
Referência
CVE-2017-10366
Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Perform
35RISCO
abrir
Referência
CVE-2015-3106
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows
35RISCO
abrir
Referência
CVE-2016-3235
CVE-2016-3235HIGHsob ataque
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 misha
98RISCO
abrir
anteriorpágina 70 / 662próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.