Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit600
Cisco HyperFlex HX Data Platform Command Execution
Cisco HyperFlex HX Command Injection Vulnerabilities
100RISCO
abrir ↗Metasploit600
Cisco HyperFlex HX Data Platform Command Execution
Cisco HyperFlex HX Command Injection Vulnerabilities
100RISCO
abrir ↗Metasploit400
Dell DBUtil_2_3.sys IOCTL memmove
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privile
98RISCO
abrir ↗Metasploit600
Wordpress Plugin Backup Guard - Authenticated Remote Code Execution
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
60RISCO
abrir ↗Metasploit400
SuiteCRM Log File Remote Code Execution
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumsta
50RISCO
abrir ↗Metasploit400
SuiteCRM Log File Remote Code Execution
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain
50RISCO
abrir ↗Metasploit600
Git LFS Clone Command Exec
malicious repositories can execute remote code while cloning
58RISCO
abrir ↗Metasploit300
Netgear R7000 backup.cgi Heap Overflow RCE
NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without au
23RISCO
abrir ↗Metasploit500
Pi-Hole Remove Commands Linux Priv Esc
Multiple Privilege Escalation Vulnerabilities Pihole
28RISCO
abrir ↗Metasploit600
GitLab Unauthenticated Remote ExifTool Command Injection
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validati
100RISCO
abrir ↗Metasploit600
GitLab Unauthenticated Remote ExifTool Command Injection
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RISCO
abrir ↗Metasploit0
Google Chrome versions before 89.0.4389.128 V8 XOR Typer Out-Of-Bounds Access RCE
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to po
100RISCO
abrir ↗Metasploit300
Cockpit CMS NoSQLi to RCE
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.
60RISCO
abrir ↗Metasploit300
Cockpit CMS NoSQLi to RCE
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
40RISCO
abrir ↗Metasploit500
2021 Ubuntu Overlayfs LPE
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting o
98RISCO
abrir ↗Metasploit600
Cisco Small Business RV Series Authentication Bypass and Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
40RISCO
abrir ↗Metasploit600
Cisco Small Business RV Series Authentication Bypass and Command Injection
Cisco Small Business RV Series Routers Vulnerabilities
50RISCO
abrir ↗Metasploit600
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Elevation of Privilege Vulnerability
100RISCO
abrir ↗Metasploit600
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit600
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Security Feature Bypass Vulnerability
100RISCO
abrir ↗Metasploit600
VMware vRealize Operations (vROps) Manager SSRF RCE
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authent
50RISCO
abrir ↗Metasploit600
VMware vRealize Operations (vROps) Manager SSRF RCE
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor
100RISCO
abrir ↗Metasploit300
GravCMS Remote Command Execution
Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
85RISCO
abrir ↗Metasploit0
macOS Gatekeeper check bypass
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2
90RISCO
abrir ↗Metasploit0
macOS Gatekeeper check bypass
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey
18RISCO
abrir ↗Metasploit600
Apache OFBiz SOAP Java Deserialization
RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI
60RISCO
abrir ↗Metasploit600
rConfig Vendors Auth File Upload RCE
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP fi
36RISCO
abrir ↗Metasploit600
F5 iControl REST Unauthenticated SSRF Token Generation RCE
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.
100RISCO
abrir ↗Metasploit600
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.