Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.114exploits catalogados
31.649CVEs com exploração pública
0testados em laboratório
22.469 exploits
Exploit-DB
Technicolor TD5130.2 - Remote Command Execution
CVE-2019-1839613 nov 2019
An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Comm
28RISCO
abrir
Exploit-DB
FUDForum 3.0.9 - Remote Code Execution
CVE-2019-1887313 nov 2019
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An
23RISCO
abrir
Exploit-DB
Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting
CVE-2019-767112 nov 2019
Prima Systems FlexAir, Versions 2.3.38 and prior. Parameters sent to scripts are not properly sanitized before being ret
23RISCO
abrir
Exploit-DB
Adrenalin Core HCM 5.4.0 - 'ReportID' Reflected Cross-Site Scripting
CVE-2018-1265312 nov 2019
A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious Jav
23RISCO
abrir
Exploit-DB
Adrenalin Core HCM 5.4.0 - 'prntDDLCntrlName' Reflected Cross-Site Scripting
CVE-2018-1265012 nov 2019
Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSe
23RISCO
abrir
Exploit-DB
Adrenalin Core HCM 5.4.0 - 'strAction' Reflected Cross-Site Scripting
CVE-2018-1223412 nov 2019
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied
23RISCO
abrir
Exploit-DB
Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin)
CVE-2019-727312 nov 2019
Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF).
23RISCO
abrir
Exploit-DB
CBAS-Web 19.0.0 - Information Disclosure
CVE-2019-1084912 nov 2019
Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure.
23RISCO
abrir
Exploit-DB
CBAS-Web 19.0.0 - Cross-Site Request Forgery (Add Super Admin)
CVE-2019-1084712 nov 2019
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.
23RISCO
abrir
Exploit-DB
Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting
CVE-2019-1084612 nov 2019
Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and passw
23RISCO
abrir
Exploit-DB
FlexAir Access Control 2.3.35 - Authentication Bypass
CVE-2019-766612 nov 2019
Prima Systems FlexAir, Versions 2.3.38 and prior. The application allows improper authentication using the MD5 hash valu
28RISCO
abrir
Exploit-DB
eMerge50P 5000P 4.6.07 - Remote Code Execution
CVE-2019-726912 nov 2019
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
35RISCO
abrir
Exploit-DB
eMerge E3 1.00-06 - Cross-Site Request Forgery
CVE-2019-726212 nov 2019
Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF).
28RISCO
abrir
Exploit-DB
eMerge E3 1.00-06 - Arbitrary File Upload
CVE-2019-725712 nov 2019
Linear eMerge E3-Series devices allow Unrestricted File Upload.
35RISCO
abrir
Exploit-DB
Optergy 2.3.0a - Remote Code Execution
CVE-2019-727412 nov 2019
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.
28RISCO
abrir
Exploit-DB
eMerge E3 1.00-06 - Privilege Escalation
CVE-2019-725412 nov 2019
Linear eMerge E3-Series devices allow File Inclusion.
60RISCO
abrir
Exploit-DB
Optergy 2.3.0a - Username Disclosure
CVE-2019-727212 nov 2019
Optergy Proton/Enterprise devices allow Username Disclosure.
28RISCO
abrir
Exploit-DB
Atlassian Confluence 6.15.1 - Directory Traversal
CVE-2019-3398HIGHsob ataque12 nov 2019
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote at
100RISCO
abrir
Exploit-DB
eMerge E3 1.00-06 - Remote Code Execution
CVE-2019-7256CRITICALsob ataque12 nov 2019
Linear eMerge E3-Series devices allow Command Injections.
100RISCO
abrir
Exploit-DB
eMerge E3 Access Controller 4.6.07 - Remote Code Execution
CVE-2019-726512 nov 2019
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
28RISCO
abrir
Exploit-DB
Prima Access Control 2.3.35 - Arbitrary File Upload
CVE-2019-918912 nov 2019
Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when
28RISCO
abrir
Exploit-DB
Prima FlexAir Access Control 2.3.38 - Remote Code Execution
CVE-2019-767012 nov 2019
Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could mo
28RISCO
abrir
Exploit-DB
CBAS-Web 19.0.0 - Username Enumeration
CVE-2019-1084812 nov 2019
Computrols CBAS 18.0.0 allows Username Enumeration.
23RISCO
abrir
Exploit-DB
Optergy 2.3.0a - Remote Code Execution (Backdoor)
CVE-2019-727612 nov 2019
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
60RISCO
abrir
Exploit-DB
eMerge E3 1.00-06 - 'layout' Reflected Cross-Site Scripting
CVE-2019-725512 nov 2019
Linear eMerge E3-Series devices allow XSS.
50RISCO
abrir
Exploit-DB
eMerge E3 1.00-06 - Unauthenticated Directory Traversal
CVE-2019-725412 nov 2019
Linear eMerge E3-Series devices allow File Inclusion.
60RISCO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed JBIG2Globals Stream
CVE-2019-819511 nov 2019
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier,
28RISCO
abrir
Exploit-DB
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)
CVE-2019-819611 nov 2019
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier,
28RISCO
abrir
Exploit-DB
iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
CVE-2019-866211 nov 2019
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS
23RISCO
abrir
Exploit-DB
iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
CVE-2019-864111 nov 2019
An out-of-bounds read was addressed with improved input validation.
28RISCO
abrir
anteriorpágina 52 / 749próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.