Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.114exploits catalogados
31.649CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.810GitHub PoC 13.116VulnCheck XDB 8069Nuclei 4188Metasploit 3462✓ solo verificadosrecientespopularesriesgo
22.469 exploits
Exploit-DB
Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds
In the Linux kernel before 5.4.2, the io_uring feature leads to requests that inadvertently have UID 0 and full capabili
23RIESGO
abrir ↗Exploit-DB
Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a
33RIESGO
abrir ↗Exploit-DB
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier v
35RIESGO
abrir ↗Exploit-DB
Apache Olingo OData 4.0 - XML External Entity Injection
The XML content type entity deserializer in Apache Olingo versions 4.0.0 to 4.6.0 is not configured to deny the resoluti
28RIESGO
abrir ↗Exploit-DB
AppXSvc 17763 - Arbitrary File Overwrite (DoS)
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard li
23RIESGO
abrir ↗Exploit-DB
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result
90RIESGO
abrir ↗Exploit-DB
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check
28RIESGO
abrir ↗Exploit-DB
Verot 2.0.3 - Remote Code Execution
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! an
28RIESGO
abrir ↗Exploit-DB
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs pa
28RIESGO
abrir ↗Exploit-DB
Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, w
23RIESGO
abrir ↗Exploit-DB
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to exec
28RIESGO
abrir ↗Exploit-DB
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to exec
28RIESGO
abrir ↗Exploit-DB
Cisco WLC 2504 8.9 - Denial of Service (PoC)
Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability
53RIESGO
abrir ↗Exploit-DB
Revive Adserver 4.2 - Remote Code Execution
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() cal
50RIESGO
abrir ↗Exploit-DB
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a pa
23RIESGO
abrir ↗Exploit-DB
Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet
93RIESGO
abrir ↗Exploit-DB
GNU Mailutils 3.7 - Privilege Escalation
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
23RIESGO
abrir ↗Exploit-DB
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path
Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs
41RIESGO
abrir ↗Exploit-DB
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs
Type confusion in shiftfs
41RIESGO
abrir ↗Exploit-DB
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs
Reference count underflow in shiftfs
41RIESGO
abrir ↗Exploit-DB
Bludit - Directory Traversal Image File Upload (Metasploit)
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .j
60RIESGO
abrir ↗Exploit-DB
FusionPBX - Operator Panel exec.php Command Execution (Metasploit)
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerabili
60RIESGO
abrir ↗Exploit-DB
Pulse Secure VPN - Arbitrary Command Execution (Metasploit)
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1R
100RIESGO
abrir ↗Exploit-DB
Xorg X11 Server - Local Privilege Escalation (Metasploit)
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options wh
43RIESGO
abrir ↗Exploit-DB
Microsoft Windows 7 (x86) - 'BlueKeep' Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unau
100RIESGO
abrir ↗Exploit-DB
nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)
A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows re
28RIESGO
abrir ↗Exploit-DB
Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal tech
28RIESGO
abrir ↗Exploit-DB
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft W
91RIESGO
abrir ↗Exploit-DB
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows
91RIESGO
abrir ↗Exploit-DB
Xfilesharing 2.5.1 - Arbitrary File Upload
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
28RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.