Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
8.078 exploits
VulnCheck XDB
infoleak
CVE-2025-58360HIGHsob ataque26 nov 2025
GeoServer is vulnerable to an Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature
98RISCO
abrir
VulnCheck XDB
initial-access
CVE-2019-16278CRITICALsob ataque26 nov 2025
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote co
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2019-15949HIGHsob ataque26 nov 2025
Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios
100RISCO
abrir
VulnCheck XDB
infoleak
CVE-2021-41773HIGHsob ataqueransomware26 nov 2025
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-6389CRITICAL25 nov 2025
Sneeit Framework <= 8.3 - Unauthenticated Remote Code Execution in sneeit_articles_pagination_callback
60RISCO
abrir
VulnCheck XDB
client-side
CVE-2025-6554HIGHsob ataque25 nov 2025
Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write v
71RISCO
abrir
VulnCheck XDB
local
CVE-2022-37969HIGHsob ataque25 nov 2025
Windows Common Log File System Driver Elevation of Privilege Vulnerability
76RISCO
abrir
VulnCheck XDB
infoleak
CVE-2019-845124 nov 2025
The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the con
60RISCO
abrir
VulnCheck XDB
initial-access
CVE-2023-36845CRITICALsob ataque24 nov 2025
Junos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable
100RISCO
abrir
VulnCheck XDB
local
CVE-2025-11001HIGH24 nov 2025
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
46RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-24054MEDIUMsob ataque23 nov 2025
NTLM Hash Disclosure Spoofing Vulnerability
75RISCO
abrir
VulnCheck XDB
infoleak
CVE-2025-5777CRITICALsob ataqueransomware23 nov 2025
NetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overread
100RISCO
abrir
VulnCheck XDB
local
CVE-2025-11001HIGH22 nov 2025
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
46RISCO
abrir
VulnCheck XDB
local
CVE-2025-11001HIGH22 nov 2025
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
46RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-47916CRITICAL21 nov 2025
Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The
85RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-64446CRITICALsob ataque21 nov 2025
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-59287CRITICALsob ataque21 nov 2025
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-3248CRITICALsob ataqueransomware20 nov 2025
Langflow < 1.3.0 Unauthenticated RCE via /api/v1/validate/code
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2022-22965CRITICALsob ataque20 nov 2025
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data b
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2025-61757CRITICALsob ataque20 nov 2025
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported vers
100RISCO
abrir
VulnCheck XDB
client-side
CVE-2024-21413CRITICALsob ataque20 nov 2025
Microsoft Outlook Remote Code Execution Vulnerability
100RISCO
abrir
VulnCheck XDB
local
CVE-2025-11001HIGH20 nov 2025
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability
46RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-13390CRITICAL20 nov 2025
WP Directory Kit <= 1.4.4 - Authentication Bypass to Privilege Escalation via Account Takeover
63RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-34299CRITICAL19 nov 2025
Monsta FTP <= 2.11 Unauthenticated Arbitrary File Upload
85RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2018-15133HIGHsob ataque19 nov 2025
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unseri
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2021-1675HIGHsob ataqueransomware19 nov 2025
Windows Print Spooler Remote Code Execution Vulnerability
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-58034MEDIUMsob ataque19 nov 2025
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vul
90RISCO
abrir
VulnCheck XDB
info-leak
CVE-2025-11833CRITICAL18 nov 2025
Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure
75RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque18 nov 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-64446CRITICALsob ataque18 nov 2025
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb
100RISCO
abrir
anteriorpágina 53 / 270próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.