Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
8078 exploits
VulnCheck XDB
initial-access
CVE-2022-4288923 jul 2025
Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-4577CRITICALbajo ataqueransomware23 jul 2025
Argument Injection in PHP-CGI
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2018-1171423 jul 2025
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00
35RIESGO
abrir
VulnCheck XDB
denial-of-service
CVE-2023-44487HIGHbajo ataque23 jul 2025
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many
93RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-29927CRITICAL23 jul 2025
Authorization Bypass in Next.js Middleware
85RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2017-12637HIGHbajo ataque23 jul 2025
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Se
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2018-120722 jul 2025
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware22 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-346022 jul 2025
Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation
60RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2019-713922 jul 2025
An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which ca
43RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2018-120722 jul 2025
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware22 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware22 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-282522 jul 2025
35RIESGO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALbajo ataque22 jul 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-3408522 jul 2025
35RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware22 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2022-138622 jul 2025
Fusion Builder < 3.6.2 - Unauthenticated SSRF
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-3408522 jul 2025
35RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware21 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2023-7028CRITICALbajo ataque21 jul 2025
Weak Password Recovery Mechanism for Forgotten Password in GitLab
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2024-4947CRITICALbajo ataque21 jul 2025
Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside
83RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2023-3864621 jul 2025
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary comman
60RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware21 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-53770CRITICALbajo ataqueransomware21 jul 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability
100RIESGO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-49706MEDIUMbajo ataqueransomware20 jul 2025
Microsoft SharePoint Server Spoofing Vulnerability
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque20 jul 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-3408520 jul 2025
35RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-25257CRITICALbajo ataque19 jul 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-41646CRITICAL19 jul 2025
RevPi Webstatus application is vulnerable to an authentication bypass
75RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.