Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2017-0145
CVE-2017-0145HIGHsob ataqueransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows
100RISCO
abrir
Referência
CVE-2024-7954
SPIP porte_plume Plugin Arbitrary PHP Execution
85RISCO
abrir
Referência
CVE-2016-1525
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allow
60RISCO
abrir
Referência
CVE-2010-3209
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code
23RISCO
abrir
Referência
CVE-2024-13160
CVE-2024-13160CRITICALsob ataque
Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Up
100RISCO
abrir
Referência
CVE-2025-37164
CVE-2025-37164CRITICALsob ataque
A remote code execution issue exists in HPE OneView.
100RISCO
abrir
Referência
CVE-2019-7195
CVE-2019-7195CRITICALsob ataqueransomware
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fi
100RISCO
abrir
Referência
CVE-2018-7358
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper cha
55RISCO
abrir
Referência
CVE-2019-17621
CVE-2019-17621CRITICALsob ataque
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated rem
100RISCO
abrir
Referência
CVE-2018-4878
CVE-2018-4878HIGHsob ataqueransomware
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to
93RISCO
abrir
Referência
CVE-2018-14417
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particul
45RISCO
abrir
Referência
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C
45RISCO
abrir
Referência
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C
45RISCO
abrir
Referência
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C
45RISCO
abrir
Referência
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C
45RISCO
abrir
Referência
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C
45RISCO
abrir
Referência
CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C
45RISCO
abrir
Referência
CVE-2025-64446
CVE-2025-64446CRITICALsob ataque
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISCO
abrir
Referência
CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly
60RISCO
abrir
Referência
CVE-2020-0601
CVE-2020-0601HIGHsob ataque
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) c
93RISCO
abrir
Referência
CVE-2020-0601
CVE-2020-0601HIGHsob ataque
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) c
93RISCO
abrir
Referência
CVE-2020-2096
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a ref
60RISCO
abrir
Referência
CVE-2020-25213
CVE-2020-25213CRITICALsob ataque
The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitra
100RISCO
abrir
Referência
CVE-2014-2623
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown
60RISCO
abrir
Referência
CVE-2014-2623
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown
60RISCO
abrir
Referência
CVE-2014-2623
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown
60RISCO
abrir
Referência
CVE-2014-2623
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown
60RISCO
abrir
Referência
CVE-2022-24716
Path traversal in Icinga Web 2
78RISCO
abrir
Referência
CVE-2018-15708
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP r
60RISCO
abrir
Referência
CVE-2018-15708
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP r
60RISCO
abrir
anteriorpágina 15 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.