Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.105exploits catalogados
31.648CVEs con explotación pública
0probados en laboratorio
19.791 exploits
Referência
CVE-2017-12615
CVE-2017-12615HIGHbajo ataqueransomware
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisati
100RIESGO
abrir
Referência
HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'OVAS.exe' Overflow (SEH)
Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows
60RIESGO
abrir
Referência
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and
50RIESGO
abrir
Referência
CVE-2019-15954
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the widgets privilege can gain achieve Remote
60RIESGO
abrir
Referência
CVE-2018-7890
A remote code execution issue was discovered in Zoho ManageEngine Applications Manager before 13.6 (build 13640). The pu
60RIESGO
abrir
Referência
CVE-2024-10915
D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection
85RIESGO
abrir
Referência
CVE-2025-2777
SysAid On-Prem <= 23.3.40 lshw Proceessing XML External Entity Injection
85RIESGO
abrir
Referência
Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service
Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, a
60RIESGO
abrir
Referência
CVE-2016-8740
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2
45RIESGO
abrir
Referência
CVE-2018-17553
An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs N
60RIESGO
abrir
Referência
CVE-2015-7709
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to b
60RIESGO
abrir
Referência
CVE-2015-7709
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to b
60RIESGO
abrir
Referência
CVE-2010-1549
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote
60RIESGO
abrir
Referência
CVE-2018-12465
Remote Code Execution in Micro Focus Secure Messaging Gateway
85RIESGO
abrir
Referência
CVE-2018-0769
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitra
45RIESGO
abrir
Referência
CVE-2018-10583
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically p
60RIESGO
abrir
Referência
CVE-2025-34291
CVE-2025-34291CRITICALbajo ataque
Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE
100RIESGO
abrir
Referência
CVE-2019-1622
Cisco Data Center Network Manager Information Disclosure Vulnerability
70RIESGO
abrir
Referência
CVE-2019-1622
Cisco Data Center Network Manager Information Disclosure Vulnerability
70RIESGO
abrir
Referência
CVE-2017-17692
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive informat
60RIESGO
abrir
Referência
CVE-2017-17692
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive informat
60RIESGO
abrir
Referência
CVE-2012-4792
CVE-2012-4792HIGHbajo ataque
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary cod
100RIESGO
abrir
Referência
CVE-2021-24931
Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection
60RIESGO
abrir
Referência
CVE-2020-6418
CVE-2020-6418HIGHbajo ataque
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corru
100RIESGO
abrir
Referência
CVE-2021-22555
CVE-2021-22555HIGHbajo ataque
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir
Referência
CVE-2021-22555
CVE-2021-22555HIGHbajo ataque
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir
Referência
CVE-2021-22555
CVE-2021-22555HIGHbajo ataque
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir
Referência
CVE-2021-22555
CVE-2021-22555HIGHbajo ataque
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir
Referência
CVE-2021-22555
CVE-2021-22555HIGHbajo ataque
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir
Referência
CVE-2010-4417
Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2
60RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.