Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.062exploits catalogados
31.617CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.467Referência 19.791GitHub PoC 13.086VulnCheck XDB 8.069Nuclei 4.187Metasploit 3.462✓ só verificadosrecentespopularesrisco
8.069 exploits
VulnCheck XDB
initial-access
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RISCO
abrir ↗VulnCheck XDB
initial-access
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
100RISCO
abrir ↗VulnCheck XDB
initial-access
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validati
100RISCO
abrir ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗VulnCheck XDB
initial-access
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vul
90RISCO
abrir ↗VulnCheck XDB
initial-access
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0
60RISCO
abrir ↗VulnCheck XDB
initial-access
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs cla
100RISCO
abrir ↗VulnCheck XDB
local
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RISCO
abrir ↗VulnCheck XDB
initial-access
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir ↗VulnCheck XDB
local
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool
100RISCO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2
48RISCO
abrir ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗VulnCheck XDB
initial-access
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
100RISCO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir ↗VulnCheck XDB
initial-access
Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5
100RISCO
abrir ↗VulnCheck XDB
info-leak
[20230201] - Core - Improper access check in webservice endpoints
100RISCO
abrir ↗VulnCheck XDB
initial-access
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
85RISCO
abrir ↗VulnCheck XDB
initial-access
WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
63RISCO
abrir ↗VulnCheck XDB
initial-access
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir ↗VulnCheck XDB
remote-with-credentials
n8n Vulnerable to Remote Code Execution via Expression Injection
100RISCO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir ↗VulnCheck XDB
initial-access
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1
100RISCO
abrir ↗VulnCheck XDB
initial-access
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific
100RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.