Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2014-6332
CVE-2014-6332HIGHsob ataque
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows
100RISCO
abrir
Referência
CVE-2014-6332
CVE-2014-6332HIGHsob ataque
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows
100RISCO
abrir
Referência
CVE-2014-6332
CVE-2014-6332HIGHsob ataque
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows
100RISCO
abrir
Referência
CVE-2014-6332
CVE-2014-6332HIGHsob ataque
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows
100RISCO
abrir
Referência
CVE-2019-20215
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the
60RISCO
abrir
Referência
CVE-2023-7028
CVE-2023-7028CRITICALsob ataque
Weak Password Recovery Mechanism for Forgotten Password in GitLab
100RISCO
abrir
Referência
CVE-2020-2883
CVE-2020-2883CRITICALsob ataque
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions th
100RISCO
abrir
Referência
CVE-2021-4034
CVE-2021-4034HIGHsob ataque
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir
Referência
CVE-2021-4034
CVE-2021-4034HIGHsob ataque
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir
Referência
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
60RISCO
abrir
Referência
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
60RISCO
abrir
Referência
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
60RISCO
abrir
Referência
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
60RISCO
abrir
Referência
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
60RISCO
abrir
Referência
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18,
60RISCO
abrir
Referência
CVE-2017-9822
CVE-2017-9822HIGHsob ataqueransomware
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code e
100RISCO
abrir
Referência
CVE-2010-4915
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL
23RISCO
abrir
Referência9
k4nfr3/CVE-2024-9474
CVE-2024-9474MEDIUMsob ataqueransomware
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface
100RISCO
abrir
Referência
CVE-2021-46422
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute
60RISCO
abrir
Referência
CVE-2021-46422
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute
60RISCO
abrir
Referência
CVE-2020-6287
CVE-2020-6287CRITICALsob ataque
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication c
100RISCO
abrir
Referência
Grafana 11.6.0 - SSRF
A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redire
78RISCO
abrir
Referência
CVE-2017-9248
CVE-2017-9248CRITICALsob ataque
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not
100RISCO
abrir
Referência
CVE-2024-8517
SPIP Bigup Multipart File Upload OS Command Injection
85RISCO
abrir
Referência
CVE-2024-8517
SPIP Bigup Multipart File Upload OS Command Injection
85RISCO
abrir
Referência
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allo
85RISCO
abrir
Referência
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allo
85RISCO
abrir
Referência
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allo
85RISCO
abrir
Referência
CVE-2016-5674
__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR Rea
60RISCO
abrir
Referência
CVE-2010-3972
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0
60RISCO
abrir

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.