Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
19.791 exploits
Referência
CVE-2020-8605
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitr
60RIESGO
abrir
Referência
CVE-2020-8605
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitr
60RIESGO
abrir
Referência
CVE-2017-11610
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
60RIESGO
abrir
Referência
CVE-2016-6366
CVE-2016-6366HIGHbajo ataque
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Service
100RIESGO
abrir
Referência
CVE-2019-11409
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerabili
60RIESGO
abrir
Referência
CVE-2019-11409
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerabili
60RIESGO
abrir
Referência
CVE-2018-0777
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitra
45RIESGO
abrir
Referência
CVE-2013-2028
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cau
60RIESGO
abrir
Referência180
Unauthenticated Remote Code Execution – Bricks <= 1.9.6
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RIESGO
abrir
Referência57
A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RIESGO
abrir
Referência
CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, pro
60RIESGO
abrir
Referência
CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, pro
60RIESGO
abrir
Referência
CVE-2018-0101
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Softw
45RIESGO
abrir
Referência
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers t
60RIESGO
abrir
Referência
TLS - Renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS
70RIESGO
abrir
Referência
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus
45RIESGO
abrir
Referência
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus
45RIESGO
abrir
Referência
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus
45RIESGO
abrir
Referência
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
60RIESGO
abrir
Referência
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
60RIESGO
abrir
Referência
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
60RIESGO
abrir
Referência
CVE-2022-31706
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject fi
85RIESGO
abrir
Referência
CVE-2022-31706
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject fi
85RIESGO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHbajo ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RIESGO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHbajo ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RIESGO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHbajo ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RIESGO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHbajo ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RIESGO
abrir
Referência
Microsoft SQL Server - 'sp_replwritetovarbin()' Heap Overflow
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop
60RIESGO
abrir
Referência
CVE-2017-16894
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwo
60RIESGO
abrir
Referência
CVE-2018-1002105
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upg
70RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.