Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
19.810 exploits
Referência
CVE-2019-0211
CVE-2019-0211HIGHbajo ataque
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privilege
83RIESGO
abrir
Referência
CVE-2014-5519
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a dev
50RIESGO
abrir
Referência
CVE-2014-5519
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a dev
50RIESGO
abrir
Referência
CVE-2021-27877
CVE-2021-27877HIGHbajo ataqueransomware
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authenticat
98RIESGO
abrir
Referência
CVE-2016-7203
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a de
35RIESGO
abrir
Referência
CVE-2015-6973
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to
35RIESGO
abrir
Referência
CVE-2015-6973
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to
35RIESGO
abrir
Referência
CVE-2016-7237
Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, W
35RIESGO
abrir
Referência
CVE-2022-23221
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IG
60RIESGO
abrir
Referência
CVE-2016-10175
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. Thi
50RIESGO
abrir
Referência
CVE-2011-0404
Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for Mac OS X 11.00 allows
50RIESGO
abrir
Referência
CVE-2011-0404
Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for Mac OS X 11.00 allows
50RIESGO
abrir
Referência
PHPMytourney - 'menu.php' Remote File Inclusion
PHP remote file inclusion vulnerability in menu.php in phpMytourney allows remote attackers to execute arbitrary PHP cod
35RIESGO
abrir
Referência
TugZip 3.00 Archiver - '.zip' Local Buffer Overflow
Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary
50RIESGO
abrir
Referência
Mercury Mail Transport System 4.01b - PH SERVER Remote Overflow
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long requ
50RIESGO
abrir
Referência
CVE-2020-7115
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon succ
35RIESGO
abrir
Referência
Mercury/32 Mail SMTPD - Remote Stack Overrun (PoC)
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, all
50RIESGO
abrir
Referência
GeekLog 2.x - 'ImageImageMagick.php' Remote File Inclusion
PHP remote file inclusion vulnerability in ImageImageMagick.php in Geeklog 2.x allows remote attackers to execute arbitr
35RIESGO
abrir
Referência
CVE-2015-1486
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers t
50RIESGO
abrir
Referência
CVE-2017-11764
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code
35RIESGO
abrir
Referência
CVE-2013-5019
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RIESGO
abrir
Referência
CVE-2013-5019
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RIESGO
abrir
Referência
CVE-2013-5019
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RIESGO
abrir
Referência
CVE-2013-5019
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resour
50RIESGO
abrir
Referência
CVE-2016-2296
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pag
50RIESGO
abrir
Referência
LAN Management System (LMS) 1.9.6 - Remote File Inclusion
PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remo
35RIESGO
abrir
Referência
MiniBill 1.2.5 - 'run_billing.php' Remote File Inclusion
PHP remote file inclusion vulnerability in crontab/run_billing.php in MiniBill 1.2.5 allows remote attackers to execute
35RIESGO
abrir
Referência
AdminBot 9.0.5 - 'live_status.lib.php' Remote File Inclusion
PHP remote file inclusion vulnerability in lib/live_status.lib.php in AdminBot MX 9.0.5 allows remote attackers to execu
35RIESGO
abrir
Referência
TROforum 0.1 - 'admin.php?site_url' Remote File Inclusion
PHP remote file inclusion vulnerability in admin/admin.php in TROforum 0.1 allows remote attackers to execute arbitrary
35RIESGO
abrir
Referência
CVE-2022-44149
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by
53RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.