Exploração pública
Catálogo de exploits
Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.
71.180exploits catalogados
31.691CVEs com exploração pública
0testados em laboratório
TodosExploit-DB 22.469Referência 19.841GitHub PoC 13.140VulnCheck XDB 8.078Nuclei 4.190Metasploit 3.462✓ só verificadosrecentespopularesrisco
19.841 exploits
Referência
CVE-2010-2343
Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbi
50RISCO
abrir ↗Referência
CVE-2023-24078
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the c
53RISCO
abrir ↗Referência
CVE-2019-0541
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML E
83RISCO
abrir ↗Referência
CVE-2008-3922
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences
50RISCO
abrir ↗Referência
AWStats Totals 1.14 - 'AWStatstotals.php' Remote Code Execution
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences
50RISCO
abrir ↗Referência
CVE-2019-9760
FTPGetter Standard v.5.97.0.177 allows remote code execution when a user initiates an FTP connection to an attacker-cont
50RISCO
abrir ↗Referência
helplink 0.1.0 - 'show.php' Remote File Inclusion
PHP remote file inclusion vulnerability in show.php in David Watters Helplink 0.1.0 allows remote attackers to execute a
35RISCO
abrir ↗Referência
CVE-2016-7434
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a craf
35RISCO
abrir ↗Referência
CVE-2021-41381
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
50RISCO
abrir ↗Referência
CVE-2021-41381
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
50RISCO
abrir ↗Referência
Payara Micro Community 5.2021.6 - Directory Traversal
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
50RISCO
abrir ↗Referência
CVE-2019-11447
An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload proce
35RISCO
abrir ↗Referência
CVE-2019-11447
An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload proce
35RISCO
abrir ↗Referência
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from t
35RISCO
abrir ↗Referência
CVE-2020-1054
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle o
98RISCO
abrir ↗Referência
Ajax File Browser 3b - 'settings.inc.php?approot' Remote File Inclusion
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attacker
35RISCO
abrir ↗Referência
Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Wor
35RISCO
abrir ↗Referência
CVE-2017-13772
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated
35RISCO
abrir ↗Referência
CVE-2017-13772
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated
35RISCO
abrir ↗Referência
CVE-2017-8734
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arb
35RISCO
abrir ↗Referência
CVE-2023-27823
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid cr
60RISCO
abrir ↗Referência
CVE-2016-0710
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attacker
50RISCO
abrir ↗Referência
CVE-2016-0710
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attacker
50RISCO
abrir ↗Referência
CVE-2012-4031
Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attacke
50RISCO
abrir ↗Referência
CVE-2019-8953
The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, re
35RISCO
abrir ↗Referência
CVE-2019-13272
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISCO
abrir ↗Referência
CVE-2019-13272
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISCO
abrir ↗Referência
CVE-2019-13272
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISCO
abrir ↗Referência
CVE-2019-13272
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISCO
abrir ↗Referência
CVE-2019-13272
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a proce
98RISCO
abrir ↗Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.