Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
19.810 exploits
Referência
CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits runn
60RIESGO
abrir
Referência
CVE-2012-6588
SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL com
23RIESGO
abrir
Referência
CVE-2018-18323
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/
60RIESGO
abrir
Referência
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that ge
45RIESGO
abrir
Referência
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that ge
45RIESGO
abrir
Referência
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that ge
45RIESGO
abrir
Referência
dagger Web engine 23jan2007 - Remote File Inclusion
PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows r
45RIESGO
abrir
Referência
CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive informatio
60RIESGO
abrir
Referência
CVE-2013-6117
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive informatio
60RIESGO
abrir
Referência
LaVague 0.3 - 'printbar.php?views_path' Remote File Inclusion
PHP remote file inclusion vulnerability in views/print/printbar.php in LaVague 0.3 and earlier allows remote attackers t
45RIESGO
abrir
Referência
CVE-2014-8686
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-
50RIESGO
abrir
Referência
CVE-2017-6736
CVE-2017-6736HIGHbajo ataque
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabiliti
93RIESGO
abrir
Referência
CVE-2021-21220
CVE-2021-21220HIGHbajo ataque
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to po
100RIESGO
abrir
Referência
CVE-2021-21220
CVE-2021-21220HIGHbajo ataque
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to po
100RIESGO
abrir
Referência
CVE-2022-28810
CVE-2022-28810MEDIUMbajo ataque
Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary
100RIESGO
abrir
Referência
CVE-2016-7288
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (m
45RIESGO
abrir
Referência
FileZilla FTP Server 0.9.21 - 'LIST/NLST' Denial of Service
FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to t
60RIESGO
abrir
Referência
CVE-2017-8634
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current u
45RIESGO
abrir
Referência
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attacke
60RIESGO
abrir
Referência
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attacke
60RIESGO
abrir
Referência
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attacke
60RIESGO
abrir
Referência
CVE-2021-2109
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
63RIESGO
abrir
Referência
CVE-2015-4495
CVE-2015-4495HIGHbajo ataque
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote
100RIESGO
abrir
Referência
ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 an
60RIESGO
abrir
Referência
ZeroShell 1.0beta11 - Remote Code Execution
cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell meta
60RIESGO
abrir
Referência
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7
45RIESGO
abrir
Referência
Novell eDirectory < 8.7.3 SP 10 / 8.8.2 - HTTP headers Denial of Service
dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU con
45RIESGO
abrir
Referência
CVE-2018-8453
CVE-2018-8453HIGHbajo ataqueransomware
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in
98RIESGO
abrir
Referência
CVE-2018-8291
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft brow
45RIESGO
abrir
Referência
CVE-2018-8288
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft brow
45RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.