Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
3.462 exploits
Metasploit600
VMware View Planner Unauthenticated Log File Upload RCE
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input val
60RISCO
abrir ↗Metasploit300
Microsoft Exchange ProxyLogon Collector
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit600
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit300
Microsoft Exchange ProxyLogon Scanner
Microsoft Exchange Server Remote Code Execution Vulnerability
100RISCO
abrir ↗Metasploit600
Veritas Backup Exec Agent Remote Code Execution
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires suc
91RISCO
abrir ↗Metasploit600
Veritas Backup Exec Agent Remote Code Execution
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires suc
91RISCO
abrir ↗Metasploit600
Veritas Backup Exec Agent Remote Code Execution
An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authenticat
98RISCO
abrir ↗Metasploit300
FortiLogger Arbitrary File Upload Exploit
FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUpl
60RISCO
abrir ↗Metasploit300
Unified Remote Auth Bypass to RCE
Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication
55RISCO
abrir ↗Metasploit600
IGEL OS Secure VNC/Terminal Command Injection RCE
IGEL OS Secure Terminal and Secure Shadow Remote Code Execution
63RISCO
abrir ↗Metasploit600
SaltStack Salt API Unauthenticated RCE through wheel_async client
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable
40RISCO
abrir ↗Metasploit600
SaltStack Salt API Unauthenticated RCE through wheel_async client
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel
40RISCO
abrir ↗Metasploit300
Wifi Mouse RCE
Necta WiFi Mouse (Mouse Server) client-side authentication bypass
40RISCO
abrir ↗Metasploit0
VMware vCenter Server Unauthenticated OVA File Upload RCE
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor
100RISCO
abrir ↗Metasploit600
Nagios XI 5.5.6 to 5.7.5 - ConfigWizards Authenticated Remote Code Exection
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi
100RISCO
abrir ↗Metasploit600
Nagios XI 5.5.6 to 5.7.5 - ConfigWizards Authenticated Remote Code Exection
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi
98RISCO
abrir ↗Metasploit600
Nagios XI 5.5.6 to 5.7.5 - ConfigWizards Authenticated Remote Code Exection
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi
100RISCO
abrir ↗Metasploit200
Win32k ConsoleControl Offset Confusion
Windows Win32k Elevation of Privilege Vulnerability
100RISCO
abrir ↗Metasploit200
Win32k ConsoleControl Offset Confusion
Win32k Elevation of Privilege Vulnerability
98RISCO
abrir ↗Metasploit600
Advantech iView Unauthenticated Remote Code Execution
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow a
30RISCO
abrir ↗Metasploit600
Micro Focus Operations Bridge Reporter Unauthenticated Command Injection
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The
100RISCO
abrir ↗Metasploit600
NetMotion Mobility Server MvcUtil Java Deserialization
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code
40RISCO
abrir ↗Metasploit300
NCR Command Center Agent Remote Code Execution
CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (wit
40RISCO
abrir ↗Metasploit600
Wordpress Plugin Modern Events Calendar - Authenticated Remote Code Execution
Modern Events Calendar Lite < 5.16.5 - Authenticated Arbitrary File Upload leading to RCE
60RISCO
abrir ↗Metasploit600
Sudo Heap-Based Buffer Overflow
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege
100RISCO
abrir ↗Metasploit600
Apache Druid 0.20.0 Remote Command Execution
Authenticated users can override system configurations in their requests which allows them to execute arbitrary code.
60RISCO
abrir ↗Metasploit600
Lucee Administrator imgProcess.cfm Arbitrary File Write
Remote Code Exploit in Lucee Admin
78RISCO
abrir ↗Metasploit600
Unauthenticated remote code execution in Ignition
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitra
100RISCO
abrir ↗Metasploit600
Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE
Microsoft Exchange Remote Code Execution Vulnerability
65RISCO
abrir ↗Metasploit600
Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
48RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.