Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.294exploits catalogados
31.742CVEs con explotación pública
0probados en laboratorio
TodosExploit-DB 22.469Referência 19.888GitHub PoC 13.184VulnCheck XDB 8100Nuclei 4191Metasploit 3462✓ solo verificadosrecientespopularesriesgo
8100 exploits
VulnCheck XDB
initial-access
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection o
100RIESGO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
remote-with-credentials
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute
60RIESGO
abrir ↗VulnCheck XDB
initial-access
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
infoleak
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
48RIESGO
abrir ↗VulnCheck XDB
initial-access
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers'
85RIESGO
abrir ↗VulnCheck XDB
infoleak
DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input
68RIESGO
abrir ↗VulnCheck XDB
initial-access
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload
48RIESGO
abrir ↗VulnCheck XDB
initial-access
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir ↗VulnCheck XDB
infoleak
MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is resp
56RIESGO
abrir ↗VulnCheck XDB
client-side
MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter "layer" is reflected in an e
63RIESGO
abrir ↗VulnCheck XDB
initial-access
Royal Elementor Addons and Templates < 1.3.79 - Unauthenticated Arbitrary File Upload
60RIESGO
abrir ↗VulnCheck XDB
initial-access
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7
100RIESGO
abrir ↗VulnCheck XDB
infoleak
Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query
90RIESGO
abrir ↗VulnCheck XDB
initial-access
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbi
60RIESGO
abrir ↗VulnCheck XDB
initial-access
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RIESGO
abrir ↗VulnCheck XDB
initial-access
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.