Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2015-2996
Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrar
60RISCO
abrir
Referência
CVE-2018-1999002
A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framewor
45RISCO
abrir
Referência
CVE-2020-10915
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.
85RISCO
abrir
Referência
CVE-2022-31814
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metachar
85RISCO
abrir
Referência
CVE-2019-4716
CVE-2019-4716CRITICALsob ataque
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated use
100RISCO
abrir
Referência
CVE-2018-6961
CVE-2018-6961HIGHsob ataque
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web U
100RISCO
abrir
Referência
CVE-2025-9242
CVE-2025-9242CRITICALsob ataque
WatchGuard Firebox iked Out of Bounds Write Vulnerability
100RISCO
abrir
Referência
CVE-2020-14295
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead
60RISCO
abrir
Referência
CVE-2020-14295
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead
60RISCO
abrir
Referência
CVE-2025-49844
Redis Lua Use-After-Free may lead to remote code execution
85RISCO
abrir
Referência
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zim
60RISCO
abrir
Referência
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zim
60RISCO
abrir
Referência
CVE-2022-2992
A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows
85RISCO
abrir
Referência
CVE-2021-1675
CVE-2021-1675HIGHsob ataqueransomware
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir
Referência
CVE-2021-1675
CVE-2021-1675HIGHsob ataqueransomware
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir
Referência
CVE-2021-1675
CVE-2021-1675HIGHsob ataqueransomware
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir
Referência
CVE-2010-1743
SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via t
23RISCO
abrir
Referência
CVE-2026-1731
CVE-2026-1731CRITICALsob ataqueransomware
Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
100RISCO
abrir
Referência
CVE-2020-2038
PAN-OS: OS command injection vulnerability in the management web interface
78RISCO
abrir
Referência
CVE-2020-2038
PAN-OS: OS command injection vulnerability in the management web interface
78RISCO
abrir
Referência
CVE-2020-11652
CVE-2020-11652MEDIUMsob ataque
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISCO
abrir
Referência
CVE-2020-11652
CVE-2020-11652MEDIUMsob ataque
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISCO
abrir
Referência
CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web
60RISCO
abrir
Referência
CVE-2013-3893
CVE-2013-3893HIGHsob ataque
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 throug
100RISCO
abrir
Referência
CVE-2013-1493
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and
60RISCO
abrir
Referência
CVE-2014-0226
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denia
45RISCO
abrir
Referência
CVE-2009-3129
CVE-2009-3129HIGHsob ataque
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Conv
100RISCO
abrir
Referência
CVE-2021-29447
WordPress Authenticated XXE attack when installation is running PHP 8
63RISCO
abrir
Referência
CVE-2021-29447
WordPress Authenticated XXE attack when installation is running PHP 8
63RISCO
abrir
Referência
CVE-2019-15975
Cisco Data Center Network Manager Authentication Bypass Vulnerabilities
85RISCO
abrir
anteriorpágina 20 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.