Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.622exploits catalogados
32.030CVEs con explotación pública
1932probados en laboratorio
8100 exploits
VulnCheck XDB
initial-access
CVE-2022-1388CRITICALbajo ataqueransomware12 jul 2025
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2024-24919HIGHbajo ataqueransomware12 jul 2025
Information disclosure
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-1212CRITICALbajo ataque12 jul 2025
LoadMaster Pre-Authenticated OS Command Injection
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-25257CRITICALbajo ataque12 jul 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2024-4577CRITICALbajo ataqueransomware11 jul 2025
Argument Injection in PHP-CGI
100RIESGO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALbajo ataque11 jul 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2014-6287CRITICALbajo ataque11 jul 2025
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c a
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2024-4577CRITICALbajo ataqueransomware11 jul 2025
Argument Injection in PHP-CGI
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-24201CRITICALbajo ataque11 jul 2025
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in
78RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-5777CRITICALbajo ataqueransomware11 jul 2025
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-38856HIGHbajo ataque11 jul 2025
Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-32113CRITICALbajo ataque11 jul 2025
Apache OFBiz: Path traversal leading to RCE
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-25257CRITICALbajo ataque11 jul 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-10915CRITICAL11 jul 2025
D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection
85RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2024-25600CRITICAL10 jul 2025
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2021-44228CRITICALbajo ataqueransomware10 jul 2025
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2024-27954CRITICAL10 jul 2025
WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary File Download and SSRF vulnerability
85RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-25257CRITICALbajo ataque10 jul 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque10 jul 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-5777CRITICALbajo ataqueransomware10 jul 2025
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-30208MEDIUM10 jul 2025
Vite bypasses server.fs.deny when using `?raw??`
70RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-6218HIGHbajo ataque10 jul 2025
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
93RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque10 jul 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-6554HIGHbajo ataque10 jul 2025
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write v
71RIESGO
abrir
VulnCheck XDB
initial-access
CVE-2025-3408510 jul 2025
35RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-5777CRITICALbajo ataqueransomware10 jul 2025
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque10 jul 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHbajo ataque09 jul 2025
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-5777CRITICALbajo ataqueransomware09 jul 2025
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir
VulnCheck XDB
infoleak
CVE-2025-6554HIGHbajo ataque09 jul 2025
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write v
71RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.