Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
19.791 exploits
Referência
CVE-2020-8654
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoD
60RISCO
abrir
Referência
CVE-2020-8654
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoD
60RISCO
abrir
Referência
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpe
60RISCO
abrir
Referência
CVE-2025-34037
Linksys Routers E/WAG/WAP/WES/WET/WRT-Series
85RISCO
abrir
Referência
CVE-2013-2423
CVE-2013-2423LOWsob ataque
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and
95RISCO
abrir
Referência
CVE-2023-28343
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/managemen
60RISCO
abrir
Referência
Microsoft Internet Explorer 7 - Memory Corruption (PoC) (MS09-002)
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows r
60RISCO
abrir
Referência
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (MS09-002)
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows r
60RISCO
abrir
Referência
Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption (MS09-002)
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows r
60RISCO
abrir
Referência
Microsoft Internet Explorer 7 - Memory Corruption (MS09-002)
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows r
60RISCO
abrir
Referência
CVE-2015-2794
The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain S
60RISCO
abrir
Referência
CVE-2014-0322
CVE-2014-0322HIGHsob ataque
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code v
100RISCO
abrir
Referência
CVE-2014-0322
CVE-2014-0322HIGHsob ataque
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code v
100RISCO
abrir
Referência
CVE-2019-20361
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to b
78RISCO
abrir
Referência
CVE-2009-2335
WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the u
60RISCO
abrir
Referência
CVE-2013-3906
CVE-2013-3906HIGHsob ataque
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compati
100RISCO
abrir
Referência
CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut
45RISCO
abrir
Referência
CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execut
45RISCO
abrir
Referência
CVE-2017-2741
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmwa
60RISCO
abrir
Referência
CVE-2017-2741
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmwa
60RISCO
abrir
Referência
CVE-2023-38950
CVE-2023-38950HIGHsob ataque
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbit
100RISCO
abrir
Referência
CVE-2019-8449
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate username
60RISCO
abrir
Referência
CVE-2015-6132
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2
60RISCO
abrir
Referência
CVE-2015-7858
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via un
60RISCO
abrir
Referência
CVE-2015-7858
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via un
60RISCO
abrir
Referência
CVE-2015-7858
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via un
60RISCO
abrir
Referência
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the pro
60RISCO
abrir
Referência
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the pro
60RISCO
abrir
Referência
CVE-2026-7098
Tenda F456 httpd DhcpListClient fromDhcpListClient buffer overflow
41RISCO
abrir
Referência
CVE-2026-7097
Tenda F456 httpd webExcptypemanFilter fromwebExcptypemanFilter buffer overflow
41RISCO
abrir
anteriorpágina 21 / 660próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.