Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2020-8605
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitr
60RISCO
abrir
Referência
CVE-2020-8605
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitr
60RISCO
abrir
Referência
CVE-2017-11610
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem
60RISCO
abrir
Referência
CVE-2016-6366
CVE-2016-6366HIGHsob ataque
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Service
100RISCO
abrir
Referência
CVE-2019-11409
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerabili
60RISCO
abrir
Referência
CVE-2019-11409
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerabili
60RISCO
abrir
Referência
CVE-2018-0777
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitra
45RISCO
abrir
Referência
CVE-2013-2028
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cau
60RISCO
abrir
Referência180
Unauthenticated Remote Code Execution – Bricks <= 1.9.6
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RISCO
abrir
Referência57
A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)
WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability
85RISCO
abrir
Referência
CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, pro
60RISCO
abrir
Referência
CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, pro
60RISCO
abrir
Referência
CVE-2018-0101
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Softw
45RISCO
abrir
Referência
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers t
60RISCO
abrir
Referência
TLS - Renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS
70RISCO
abrir
Referência
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus
45RISCO
abrir
Referência
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus
45RISCO
abrir
Referência
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus
45RISCO
abrir
Referência
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
60RISCO
abrir
Referência
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
60RISCO
abrir
Referência
CVE-2015-3864
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in A
60RISCO
abrir
Referência
CVE-2022-31706
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject fi
85RISCO
abrir
Referência
CVE-2022-31706
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject fi
85RISCO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHsob ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RISCO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHsob ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RISCO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHsob ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RISCO
abrir
Referência
CVE-2014-4113
CVE-2014-4113HIGHsob ataque
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a
100RISCO
abrir
Referência
Microsoft SQL Server - 'sp_replwritetovarbin()' Heap Overflow
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop
60RISCO
abrir
Referência
CVE-2017-16894
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwo
60RISCO
abrir
Referência
CVE-2018-1002105
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upg
70RISCO
abrir
anteriorpágina 18 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.