Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.841 exploits
Referência
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow (PoC)
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions befo
50RISCO
abrir ↗Referência
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions befo
50RISCO
abrir ↗Referência
CVE-2017-8635
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Serve
35RISCO
abrir ↗Referência
CVE-2018-0935
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Se
35RISCO
abrir ↗Referência
CVE-2019-11708
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result
90RISCO
abrir ↗Referência
Joomla! Plugin tinybrowser 1.5.12 - Arbitrary File Upload / Execution
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
50RISCO
abrir ↗Referência
CVE-2019-8387
MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component.
35RISCO
abrir ↗Referência
CVE-2014-7236
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary
50RISCO
abrir ↗Referência
CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2
100RISCO
abrir ↗Referência
CVE-2018-17440
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves b
35RISCO
abrir ↗Referência
CVE-2017-13872
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The is
50RISCO
abrir ↗Referência
CVE-2017-13872
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The is
50RISCO
abrir ↗Referência
CVE-2015-3042
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457
35RISCO
abrir ↗Referência
CVE-2020-10221
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands vi
83RISCO
abrir ↗Referência
CVE-2010-1472
Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attac
43RISCO
abrir ↗Referência
CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user
60RISCO
abrir ↗Referência
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code
60RISCO
abrir ↗Referência
WonderCMS 3.4.2 - Remote Code Execution (RCE)
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code
60RISCO
abrir ↗Referência
CVE-2019-19609
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin c
35RISCO
abrir ↗Referência
CVE-2019-19609
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin c
35RISCO
abrir ↗Referência
Roundcube Webmail 0.2-3 Beta - Code Execution
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail)
35RISCO
abrir ↗Referência
Roundcube Webmail 0.2b - Remote Code Execution
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail)
35RISCO
abrir ↗Referência
CVE-2016-3325
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted w
35RISCO
abrir ↗Referência
Quick TFTP Server Pro 2.1 - Remote Overflow (SEH)
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a denial of service o
50RISCO
abrir ↗Referência
CVE-2017-11810
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Window
35RISCO
abrir ↗Referência
CVE-2018-8831
A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/s
35RISCO
abrir ↗Referência
CVE-2018-4233
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud
68RISCO
abrir ↗Referência
CVE-2018-4233
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud
68RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.