Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
19.810 exploits
Referência
CVE-2019-10867
An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/c
50RIESGO
abrir
Referência
CVE-2019-10867
An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/c
50RIESGO
abrir
Referência
CVE-2017-8646
Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
35RIESGO
abrir
Referência
CVE-2017-8656
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code
35RIESGO
abrir
Referência
CVE-2017-8640
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary cod
35RIESGO
abrir
Referência
CVE-2017-8671
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary
35RIESGO
abrir
Referência
CVE-2017-8645
Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
35RIESGO
abrir
Referência
CVE-2018-8631
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet
35RIESGO
abrir
Referência
CVE-2017-11802
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker
35RIESGO
abrir
Referência
CVE-2013-0230
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP
50RIESGO
abrir
Referência
Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote at
35RIESGO
abrir
Referência
CVE-2022-22960
CVE-2022-22960HIGHbajo ataque
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due t
98RIESGO
abrir
Referência
CVE-2022-22960
CVE-2022-22960HIGHbajo ataque
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due t
98RIESGO
abrir
Referência
CVE-2020-13951
Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack.
45RIESGO
abrir
Referência
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Window
50RIESGO
abrir
Referência
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2)
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Window
50RIESGO
abrir
Referência
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue (MS07-065)
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Window
50RIESGO
abrir
Referência
CVE-2016-4264
The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attack
35RIESGO
abrir
Referência
CVE-2018-8466
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
35RIESGO
abrir
Referência
CVE-2018-8467
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
35RIESGO
abrir
Referência
CVE-2018-11646
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFavicon
50RIESGO
abrir
Referência
CVE-2018-11646
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFavicon
50RIESGO
abrir
Referência
CVE-2018-10594
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPS
50RIESGO
abrir
Referência
CVE-2018-10594
Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPS
50RIESGO
abrir
Referência
CVE-2021-34621
ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation
75RIESGO
abrir
Referência
CVE-2026-24061
CVE-2026-24061CRITICALbajo ataque
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment
100RIESGO
abrir
Referência
CVE-2022-22960
CVE-2022-22960HIGHbajo ataque
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due t
98RIESGO
abrir
Referência
CVE-2016-0099
CVE-2016-0099HIGHbajo ataqueransomware
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
98RIESGO
abrir
Referência
CVE-2016-0099
CVE-2016-0099HIGHbajo ataqueransomware
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
98RIESGO
abrir
Referência
CVE-2016-0099
CVE-2016-0099HIGHbajo ataqueransomware
The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
98RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.