Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
8078 exploits
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque08 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque08 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-24354MEDIUM08 ago 2025
imgproxy is vulnerable to SSRF against 0.0.0.0
48RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2022-22947CRITICALbajo ataque08 ago 2025
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack whe
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque08 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque07 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-5777CRITICALbajo ataqueransomware07 ago 2025
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-30406CRITICALbajo ataque07 ago 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-53770CRITICALbajo ataqueransomware07 ago 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque07 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque07 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque07 ago 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-34152CRITICAL07 ago 2025
Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via Time Parameter
75RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2020-0796CRITICALbajo ataqueransomware06 ago 2025
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol h
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24813CRITICALbajo ataque06 ago 2025
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque06 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque05 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-4577CRITICALbajo ataqueransomware05 ago 2025
Argument Injection in PHP-CGI
100RIESGO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALbajo ataque05 ago 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2014-0160HIGHbajo ataque05 ago 2025
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packe
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-7028CRITICALbajo ataque05 ago 2025
Weak Password Recovery Mechanism for Forgotten Password in GitLab
100RIESGO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALbajo ataque05 ago 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir
VulnCheck XDB
local
CVE-2023-22809HIGH05 ago 2025
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen
68RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque05 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque04 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2018-7600CRITICALbajo ataqueransomware04 ago 2025
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2021-44228CRITICALbajo ataqueransomware04 ago 2025
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-7340CRITICAL04 ago 2025
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload
48RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque04 ago 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALbajo ataque04 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.