Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
19.841 exploits
Referência
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow (PoC)
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions befo
50RIESGO
abrir
Referência
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions befo
50RIESGO
abrir
Referência
CVE-2017-8635
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Serve
35RIESGO
abrir
Referência
CVE-2018-0935
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Se
35RIESGO
abrir
Referência
CVE-2019-11708
CVE-2019-11708CRITICALbajo ataque
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result
90RIESGO
abrir
Referência
CVE-2019-7255
Linear eMerge E3-Series devices allow XSS.
50RIESGO
abrir
Referência
Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Execution
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
50RIESGO
abrir
Referência
CVE-2019-8387
MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component.
35RIESGO
abrir
Referência
CVE-2022-21882
CVE-2022-21882HIGHbajo ataque
Win32k Elevation of Privilege Vulnerability
98RIESGO
abrir
Referência
CVE-2014-7236
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary
50RIESGO
abrir
Referência
CVE-2014-4114
CVE-2014-4114HIGHbajo ataque
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2
100RIESGO
abrir
Referência
CVE-2018-17440
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves b
35RIESGO
abrir
Referência
CVE-2017-13872
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The is
50RIESGO
abrir
Referência
CVE-2017-13872
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The is
50RIESGO
abrir
Referência
CVE-2015-3042
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457
35RIESGO
abrir
Referência
CVE-2020-10221
CVE-2020-10221HIGHbajo ataque
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands vi
83RIESGO
abrir
Referência
CVE-2010-1472
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attac
43RIESGO
abrir
Referência
CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user
60RIESGO
abrir
Referência
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code
60RIESGO
abrir
Referência
WonderCMS 3.4.2 - Remote Code Execution (RCE)
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code
60RIESGO
abrir
Referência
CVE-2019-19609
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin c
35RIESGO
abrir
Referência
CVE-2019-19609
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin c
35RIESGO
abrir
Referência
Roundcube Webmail 0.2-3 Beta - Code Execution
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail)
35RIESGO
abrir
Referência
Roundcube Webmail 0.2b - Remote Code Execution
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail)
35RIESGO
abrir
Referência
CVE-2016-3325
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted w
35RIESGO
abrir
Referência
Quick TFTP Server Pro 2.1 - Remote Overflow (SEH)
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a denial of service o
50RIESGO
abrir
Referência
CVE-2017-11810
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Window
35RIESGO
abrir
Referência
CVE-2018-8831
A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/s
35RIESGO
abrir
Referência
CVE-2018-4233
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud
68RIESGO
abrir
Referência
CVE-2018-4233
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud
68RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.