Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.622exploits catalogados
32.030CVEs com exploração pública
1.932testados em laboratório
TodosExploit-DB 22.786Referência 19.896GitHub PoC 13.187VulnCheck XDB 8.100Nuclei 4.191Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.896 exploits
Referência
CVE-2013-3630
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell
50RISCO
abrir ↗Referência
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static
70RISCO
abrir ↗Referência
CVE-2017-0083
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers
35RISCO
abrir ↗Referência
CVE-2017-0087
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers
35RISCO
abrir ↗Referência
CVE-2017-0072
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers
35RISCO
abrir ↗Referência
CVE-2017-0090
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers
35RISCO
abrir ↗Referência
CVE-2020-0787
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperl
98RISCO
abrir ↗Referência
CVE-2015-3082
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460
35RISCO
abrir ↗Referência
CVE-2016-7274
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server
35RISCO
abrir ↗Referência
PHPOracleView - 'include_all.inc.php?page_dir' Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in inc/include_all.inc.php in phporacleview allow remote attackers to
35RISCO
abrir ↗Referência
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static
70RISCO
abrir ↗Referência
CVE-2014-1649
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functional
50RISCO
abrir ↗Referência
iziContents rc6 - Local/Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to execute ar
35RISCO
abrir ↗Referência
PHP wcms XT 0.0.7 - Multiple Remote File Inclusions
Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 BETA and earlier allow remote attackers to execut
35RISCO
abrir ↗Referência
CVE-2010-2709
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote at
50RISCO
abrir ↗Referência
CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cam
35RISCO
abrir ↗Referência
Microsoft Office - MSODataSourceControl COM-object Buffer Overflow (PoC)
Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of
35RISCO
abrir ↗Referência
CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called direc
60RISCO
abrir ↗Referência
CVE-2014-6436
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to
35RISCO
abrir ↗Referência
CVE-2017-0121
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server
35RISCO
abrir ↗Referência
CVE-2012-0266
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitr
50RISCO
abrir ↗Referência
CVE-2020-9374
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploit
35RISCO
abrir ↗Referência
Apple QuickTime 7.2/7.3 - RTSP Response Remote Overwrite (SEH)
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac
50RISCO
abrir ↗Referência
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac
50RISCO
abrir ↗Referência
CVE-2017-0088
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers
35RISCO
abrir ↗Referência
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via
35RISCO
abrir ↗Referência
MyBulletinBoard (MyBB) 1.2.10 - Remote Code Execution
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via
35RISCO
abrir ↗Referência
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass
35RISCO
abrir ↗Referência
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass
35RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.