Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
8.078 exploits
VulnCheck XDB
initial-access
Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
90RISCO
abrir ↗VulnCheck XDB
client-side
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitra
76RISCO
abrir ↗VulnCheck XDB
infoleak
AI Engine <= 3.1.3 - Unauthenticated Sensitive Information Exposure to Privilege Escalation
85RISCO
abrir ↗VulnCheck XDB
client-side
Git allows arbitrary code execution through broken config quoting
71RISCO
abrir ↗VulnCheck XDB
client-side
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability
45RISCO
abrir ↗VulnCheck XDB
initial-access
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic
100RISCO
abrir ↗VulnCheck XDB
initial-access
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload).
100RISCO
abrir ↗VulnCheck XDB
initial-access
@nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS Developers
75RISCO
abrir ↗VulnCheck XDB
local
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interacti
100RISCO
abrir ↗VulnCheck XDB
initial-access
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
100RISCO
abrir ↗VulnCheck XDB
client-side
DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite
75RISCO
abrir ↗VulnCheck XDB
initial-access
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RISCO
abrir ↗VulnCheck XDB
initial-access
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir ↗VulnCheck XDB
initial-access
Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
90RISCO
abrir ↗VulnCheck XDB
initial-access
Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests
90RISCO
abrir ↗VulnCheck XDB
initial-access
GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution
85RISCO
abrir ↗VulnCheck XDB
initial-access
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions
100RISCO
abrir ↗VulnCheck XDB
initial-access
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir ↗VulnCheck XDB
initial-access
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
100RISCO
abrir ↗VulnCheck XDB
local
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir ↗VulnCheck XDB
infoleak
Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter
68RISCO
abrir ↗VulnCheck XDB
local
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does no
50RISCO
abrir ↗VulnCheck XDB
infoleak
WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php
85RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.