Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
19.841 exploits
Referência
CVE-2015-5477
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (
60RISCO
abrir
Referência
CVE-2015-2208
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via she
50RISCO
abrir
Referência
CVE-2012-2115
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote atta
23RISCO
abrir
Referência
CVE-2009-4660
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to
50RISCO
abrir
Referência
CVE-2009-4660
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to
50RISCO
abrir
Referência
CVE-2015-1793
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly
50RISCO
abrir
Referência
wanewsletter 2.1.3 - Remote File Inclusion
PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to e
35RISCO
abrir
Referência
Feindt Computerservice News 2.0 - 'newsadmin.php?action' Remote File Inclusion
PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote
35RISCO
abrir
Referência
CVE-2025-34152
Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via Time Parameter
75RISCO
abrir
Referência
CVE-2016-1209
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via
50RISCO
abrir
Referência
CVE-2017-8835
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw
50RISCO
abrir
Referência
CVE-2015-3306
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and
60RISCO
abrir
Referência
LimeSurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote attackers to exe
35RISCO
abrir
Referência
CVE-2018-16836
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attac
50RISCO
abrir
Referência
CVE-2014-2364
Advantech WebAccess Stack-Based Buffer Overflow
68RISCO
abrir
Referência
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 f
50RISCO
abrir
Referência
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 f
50RISCO
abrir
Referência
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 f
50RISCO
abrir
Referência
CVE-2017-1000119
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise
50RISCO
abrir
Referência
CVE-2015-8399
Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName p
50RISCO
abrir
Referência
CVE-2023-28502
Stack buffer overflow in UniRPC's udadmin_server service
75RISCO
abrir
Referência
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
Local privilege escalation via snapd socket
53RISCO
abrir
Referência
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)
Local privilege escalation via snapd socket
53RISCO
abrir
Referência
CVE-2018-7445
CVE-2018-7445CRITICALsob ataque
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remot
90RISCO
abrir
Referência
CVE-2015-7602
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (d
50RISCO
abrir
Referência
CVE-2015-7602
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (d
50RISCO
abrir
Referência
CVE-2014-2849
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users
50RISCO
abrir
Referência
CVE-2014-3913
Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrar
50RISCO
abrir
Referência
CVE-2014-3913
Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrar
50RISCO
abrir
Referência
CVE-2023-27179
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename paramet
68RISCO
abrir
anteriorpágina 52 / 662próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.