Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.053exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
19.791 exploits
Referência
CVE-2019-3398
CVE-2019-3398HIGHbajo ataque
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote at
100RIESGO
abrir
Referência
CVE-2019-3398
CVE-2019-3398HIGHbajo ataque
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote at
100RIESGO
abrir
Referência
CVE-2019-3398
CVE-2019-3398HIGHbajo ataque
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote at
100RIESGO
abrir
Referência
CVE-2019-7256
CVE-2019-7256CRITICALbajo ataque
Linear eMerge E3-Series devices allow Command Injections.
100RIESGO
abrir
Referência
CVE-2019-7256
CVE-2019-7256CRITICALbajo ataque
Linear eMerge E3-Series devices allow Command Injections.
100RIESGO
abrir
Referência
CVE-2019-7256
CVE-2019-7256CRITICALbajo ataque
Linear eMerge E3-Series devices allow Command Injections.
100RIESGO
abrir
Referência
CVE-2019-7256
CVE-2019-7256CRITICALbajo ataque
Linear eMerge E3-Series devices allow Command Injections.
100RIESGO
abrir
Referência
CVE-2020-2555
CVE-2020-2555CRITICALbajo ataque
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Su
100RIESGO
abrir
Referência
CVE-2020-2555
CVE-2020-2555CRITICALbajo ataque
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Su
100RIESGO
abrir
Referência
CVE-2020-2555
CVE-2020-2555CRITICALbajo ataque
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Su
100RIESGO
abrir
Referência
CVE-2023-26360
CVE-2023-26360HIGHbajo ataque
Adobe ColdFusion Improper Access Control Arbitrary code execution
100RIESGO
abrir
Referência
CVE-2021-44790
Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
45RIESGO
abrir
Referência
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
60RIESGO
abrir
Referência
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
60RIESGO
abrir
Referência
CVE-2015-2051
CVE-2015-2051HIGHbajo ataque
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute ar
100RIESGO
abrir
Referência
nweb2fax 0.2.7 - Multiple Vulnerabilities
viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via shell metacharacters in t
23RIESGO
abrir
Referência
CVE-2023-0297
Code Injection in pyload/pyload
85RIESGO
abrir
Referência
CVE-2023-0297
Code Injection in pyload/pyload
85RIESGO
abrir
Referência
CVE-2020-11455
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileM
60RIESGO
abrir
Referência
LimeSurvey 4.1.11 - 'File Manager' Path Traversal
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileM
60RIESGO
abrir
Referência
CVE-2022-0824
Improper Access Control to Remote Code Execution in webmin/webmin
78RIESGO
abrir
Referência
CVE-2022-0824
Improper Access Control to Remote Code Execution in webmin/webmin
78RIESGO
abrir
Referência
CVE-2017-8291
CVE-2017-8291HIGHbajo ataque
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion
100RIESGO
abrir
Referência
CVE-2010-3962
CVE-2010-3962HIGHbajo ataque
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary cod
100RIESGO
abrir
Referência
CVE-2010-3962
CVE-2010-3962HIGHbajo ataque
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary cod
100RIESGO
abrir
Referência
CVE-2021-40444
CVE-2021-40444HIGHbajo ataqueransomware
Microsoft MSHTML Remote Code Execution Vulnerability
100RIESGO
abrir
Referência
CVE-2021-40444
CVE-2021-40444HIGHbajo ataqueransomware
Microsoft MSHTML Remote Code Execution Vulnerability
100RIESGO
abrir
Referência
CVE-2021-40444
CVE-2021-40444HIGHbajo ataqueransomware
Microsoft MSHTML Remote Code Execution Vulnerability
100RIESGO
abrir
Referência
CVE-2018-17456
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x be
60RIESGO
abrir
Referência
CVE-2015-3306
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and
60RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.