Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8069Nuclei 4187Metasploit 3462✓ solo verificadosrecientespopularesriesgo
3462 exploits
Metasploit600
Cisco HyperFlex HX Data Platform Command Execution
Cisco HyperFlex HX Command Injection Vulnerabilities
100RIESGO
abrir ↗Metasploit600
Cisco HyperFlex HX Data Platform Command Execution
Cisco HyperFlex HX Command Injection Vulnerabilities
100RIESGO
abrir ↗Metasploit400
Dell DBUtil_2_3.sys IOCTL memmove
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
98RIESGO
abrir ↗Metasploit600
Wordpress Plugin Backup Guard - Authenticated Remote Code Execution
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
60RIESGO
abrir ↗Metasploit400
SuiteCRM Log File Remote Code Execution
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumsta
50RIESGO
abrir ↗Metasploit400
SuiteCRM Log File Remote Code Execution
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain
50RIESGO
abrir ↗Metasploit600
Git LFS Clone Command Exec
malicious repositories can execute remote code while cloning
58RIESGO
abrir ↗Metasploit300
Netgear R7000 backup.cgi Heap Overflow RCE
NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without au
23RIESGO
abrir ↗Metasploit500
Pi-Hole Remove Commands Linux Priv Esc
Multiple Privilege Escalation Vulnerabilities Pihole
28RIESGO
abrir ↗Metasploit600
GitLab Unauthenticated Remote ExifTool Command Injection
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validati
100RIESGO
abrir ↗Metasploit600
GitLab Unauthenticated Remote ExifTool Command Injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RIESGO
abrir ↗Metasploit0
Google Chrome versions before 89.0.4389.128 V8 XOR Typer Out-Of-Bounds Access RCE
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to po
100RIESGO
abrir ↗Metasploit300
Cockpit CMS NoSQLi to RCE
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.
60RIESGO
abrir ↗Metasploit300
Cockpit CMS NoSQLi to RCE
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
40RIESGO
abrir ↗Metasploit500
2021 Ubuntu Overlayfs LPE
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RIESGO
abrir ↗Metasploit600
Cisco Small Business RV Series Authentication Bypass and Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
40RIESGO
abrir ↗Metasploit600
Cisco Small Business RV Series Authentication Bypass and Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
50RIESGO
abrir ↗Metasploit600
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Elevation of Privilege Vulnerability
100RIESGO
abrir ↗Metasploit600
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗Metasploit600
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Security Feature Bypass Vulnerability
100RIESGO
abrir ↗Metasploit600
VMware vRealize Operations (vROps) Manager SSRF RCE
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authent
50RIESGO
abrir ↗Metasploit600
VMware vRealize Operations (vROps) Manager SSRF RCE
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor
100RIESGO
abrir ↗Metasploit300
GravCMS Remote Command Execution
Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
85RIESGO
abrir ↗Metasploit0
macOS Gatekeeper check bypass
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2
90RIESGO
abrir ↗Metasploit0
macOS Gatekeeper check bypass
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey
18RIESGO
abrir ↗Metasploit600
Apache OFBiz SOAP Java Deserialization
RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
60RIESGO
abrir ↗Metasploit600
rConfig Vendors Auth File Upload RCE
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP fi
36RIESGO
abrir ↗Metasploit600
F5 iControl REST Unauthenticated SSRF Token Generation RCE
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.
100RIESGO
abrir ↗Metasploit600
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.