Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
19.841 exploits
Referência
CVE-2015-5477
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (
60RIESGO
abrir
Referência
CVE-2015-2208
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via she
50RIESGO
abrir
Referência
CVE-2012-2115
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote atta
23RIESGO
abrir
Referência
CVE-2009-4660
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to
50RIESGO
abrir
Referência
CVE-2009-4660
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to
50RIESGO
abrir
Referência
CVE-2015-1793
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly
50RIESGO
abrir
Referência
wanewsletter 2.1.3 - Remote File Inclusion
PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to e
35RIESGO
abrir
Referência
Feindt Computerservice News 2.0 - 'newsadmin.php?action' Remote File Inclusion
PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote
35RIESGO
abrir
Referência
CVE-2025-34152
Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via Time Parameter
75RIESGO
abrir
Referência
CVE-2016-1209
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via
50RIESGO
abrir
Referência
CVE-2017-8835
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw
50RIESGO
abrir
Referência
CVE-2015-3306
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and
60RIESGO
abrir
Referência
LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote attackers to exe
35RIESGO
abrir
Referência
CVE-2018-16836
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attac
50RIESGO
abrir
Referência
CVE-2014-2364
Advantech WebAccess Stack-Based Buffer Overflow
68RIESGO
abrir
Referência
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 f
50RIESGO
abrir
Referência
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 f
50RIESGO
abrir
Referência
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 f
50RIESGO
abrir
Referência
CVE-2017-1000119
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise
50RIESGO
abrir
Referência
CVE-2015-8399
Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName p
50RIESGO
abrir
Referência
CVE-2023-28502
Stack buffer overflow in UniRPC's udadmin_server service
75RIESGO
abrir
Referência
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
Local privilege escalation via snapd socket
53RIESGO
abrir
Referência
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)
Local privilege escalation via snapd socket
53RIESGO
abrir
Referência
CVE-2018-7445
CVE-2018-7445CRITICALbajo ataque
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remot
90RIESGO
abrir
Referência
CVE-2015-7602
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (d
50RIESGO
abrir
Referência
CVE-2015-7602
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (d
50RIESGO
abrir
Referência
CVE-2014-2849
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users
50RIESGO
abrir
Referência
CVE-2014-3913
Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrar
50RIESGO
abrir
Referência
CVE-2014-3913
Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrar
50RIESGO
abrir
Referência
CVE-2023-27179
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename paramet
68RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.