Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.180exploits catalogados
31.691CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8078Nuclei 4190Metasploit 3462✓ solo verificadosrecientespopularesriesgo
22.469 exploits
Exploit-DB
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery
Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF.
23RIESGO
abrir ↗Exploit-DB
Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to
35RIESGO
abrir ↗Exploit-DB
SirsiDynix e-Library 3.5.x - Cross-Site Scripting
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
23RIESGO
abrir ↗Exploit-DB
Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.
50RIESGO
abrir ↗Exploit-DB
Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP r
60RIESGO
abrir ↗Exploit-DB
Linux Kernel 4.13 - 'compat_get_timex()' Leak Kernel Pointer
The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitiv
23RIESGO
abrir ↗Exploit-DB
GattLib 0.2 - Stack Buffer Overflow
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
23RIESGO
abrir ↗Exploit-DB
SCP Client - Multiple Vulnerabilities (SSHtranger Things)
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses wh
45RIESGO
abrir ↗Exploit-DB
Microsoft Edge Chakra - 'InlineArrayPush' Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
35RIESGO
abrir ↗Exploit-DB
Microsoft Edge Chakra - 'NewScObjectNoCtor' or 'InitProto' Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
45RIESGO
abrir ↗Exploit-DB
Microsoft Edge Chakra - 'NewScObjectNoCtor' or 'InitProto' Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
45RIESGO
abrir ↗Exploit-DB
Microsoft Edge Chakra - 'InitClass' Type Confusion
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
45RIESGO
abrir ↗Exploit-DB
Joomla! Core 3.9.1 - Persistent Cross-Site Scripting in Global Configuration Textfilter Settings
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allo
23RIESGO
abrir ↗Exploit-DB
Microsoft Edge Chakra - 'JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode' Use-After-Free
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Mi
35RIESGO
abrir ↗Exploit-DB
SCP Client - Multiple Vulnerabilities (SSHtranger Things)
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-T
38RIESGO
abrir ↗Exploit-DB
Pydio / AjaXplorer < 5.0.4 - (Unauthenticated) Arbitrary File Upload
Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly
23RIESGO
abrir ↗Exploit-DB
Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The s
23RIESGO
abrir ↗Exploit-DB
NTPsec 1.1.2 - 'ntp_control' (Authenticated) NULL Pointer Dereference (PoC)
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd
28RIESGO
abrir ↗Exploit-DB
NTPsec 1.1.2 - 'config' (Authenticated) Out-of-Bounds Write Denial of Service (PoC)
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a
28RIESGO
abrir ↗Exploit-DB
Fortinet FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 al
75RIESGO
abrir ↗Exploit-DB
NTPsec 1.1.2 - 'ntp_control' Out-of-Bounds Read (PoC)
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read be
35RIESGO
abrir ↗Exploit-DB
NTPsec 1.1.2 - 'ctl_getitem' Out-of-Bounds Read (PoC)
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read
50RIESGO
abrir ↗Exploit-DB
Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
60RIESGO
abrir ↗Exploit-DB
ShoreTel / Mitel Connect ONSITE 19.49.5200.0 - Remote Code Execution
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.
28RIESGO
abrir ↗Exploit-DB
Microsoft Windows 10 - 'RestrictedErrorInfo' Unmarshal Section Handle Use-After-Free
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windo
23RIESGO
abrir ↗Exploit-DB
WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1,
23RIESGO
abrir ↗Exploit-DB
Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation
An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape
23RIESGO
abrir ↗Exploit-DB
GL-AR300M-Lite 2.27 - (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal
download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files.
28RIESGO
abrir ↗Exploit-DB
GL-AR300M-Lite 2.27 - (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal
Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote atta
28RIESGO
abrir ↗Exploit-DB
blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit)
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users
38RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.