Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8078Nuclei 4190Metasploit 3462✓ solo verificadosrecientespopularesriesgo
8078 exploits
VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
infoleak
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter
85RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
infoleak
Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion
85RIESGO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
initial-access
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception ha
100RIESGO
abrir ↗VulnCheck XDB
initial-access
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RIESGO
abrir ↗VulnCheck XDB
infoleak
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter
85RIESGO
abrir ↗VulnCheck XDB
initial-access
CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
initial-access
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. T
85RIESGO
abrir ↗VulnCheck XDB
initial-access
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
infoleak
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter
85RIESGO
abrir ↗VulnCheck XDB
initial-access
@nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS Developers
75RIESGO
abrir ↗VulnCheck XDB
initial-access
Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input
68RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
infoleak
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an
100RIESGO
abrir ↗VulnCheck XDB
client-side
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote at
71RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
infoleak
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack
100RIESGO
abrir ↗VulnCheck XDB
client-side
Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside
83RIESGO
abrir ↗VulnCheck XDB
initial-access
A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCa
90RIESGO
abrir ↗VulnCheck XDB
client-side
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when
76RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.