Explotación pública
Catálogo de exploits
Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.
71.622exploits catalogados
32.030CVEs con explotación pública
1932probados en laboratorio
TodosExploit-DB 22.786Referência 19.896GitHub PoC 13.187VulnCheck XDB 8100Nuclei 4191Metasploit 3462✓ solo verificadosrecientespopularesriesgo
8100 exploits
VulnCheck XDB
initial-access
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13
100RIESGO
abrir ↗VulnCheck XDB
initial-access
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RIESGO
abrir ↗VulnCheck XDB
initial-access
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c a
100RIESGO
abrir ↗VulnCheck XDB
client-side
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in
78RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
initial-access
Apache OFBiz: Unauthenticated endpoint could allow execution of screen rendering code
100RIESGO
abrir ↗VulnCheck XDB
initial-access
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir ↗VulnCheck XDB
initial-access
D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection
85RIESGO
abrir ↗VulnCheck XDB
initial-access
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RIESGO
abrir ↗VulnCheck XDB
initial-access
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RIESGO
abrir ↗VulnCheck XDB
infoleak
WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary File Download and SSRF vulnerability
85RIESGO
abrir ↗VulnCheck XDB
initial-access
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerabi
100RIESGO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
client-side
RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability
93RIESGO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir ↗VulnCheck XDB
client-side
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write v
71RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RIESGO
abrir ↗VulnCheck XDB
infoleak
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RIESGO
abrir ↗VulnCheck XDB
infoleak
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write v
71RIESGO
abrir ↗Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.