Exploração pública

Catálogo de exploits

Todo exploit público que catalogamos, num índice só. Busque por CVE, nome do exploit ou tecnologia — e veja, ao lado, o que a falha realmente vale: severidade, probabilidade de exploração e se já está sob ataque.

71.622exploits catalogados
32.030CVEs com exploração pública
1.932testados em laboratório
8.100 exploits
VulnCheck XDB
infoleak
CVE-2025-30406CRITICALsob ataque07 ago 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque07 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque07 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque07 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHsob ataque07 ago 2025
Git allows arbitrary code execution through broken config quoting
71RISCO
abrir
VulnCheck XDB
denial-of-service
CVE-2020-0796CRITICALsob ataqueransomware06 ago 2025
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol h
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24813CRITICALsob ataque06 ago 2025
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque06 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
local
CVE-2023-22809HIGH05 ago 2025
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen
68RISCO
abrir
VulnCheck XDB
infoleak
CVE-2014-0160HIGHsob ataque05 ago 2025
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packe
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque05 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque05 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2024-4577CRITICALsob ataqueransomware05 ago 2025
Argument Injection in PHP-CGI
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2023-7028CRITICALsob ataque05 ago 2025
Weak Password Recovery Mechanism for Forgotten Password in GitLab
100RISCO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALsob ataque05 ago 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir
VulnCheck XDB
local
CVE-2025-32463CRITICALsob ataque05 ago 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled director
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque04 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHsob ataque04 ago 2025
Git allows arbitrary code execution through broken config quoting
71RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque04 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2018-7600CRITICALsob ataqueransomware04 ago 2025
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbi
100RISCO
abrir
VulnCheck XDB
remote-with-credentials
CVE-2020-0688HIGHsob ataqueransomware04 ago 2025
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle o
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-7340CRITICAL04 ago 2025
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload
48RISCO
abrir
VulnCheck XDB
infoleak
CVE-2021-44228CRITICALsob ataqueransomware04 ago 2025
Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque03 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque03 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque03 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
VulnCheck XDB
client-side
CVE-2025-48384HIGHsob ataque03 ago 2025
Git allows arbitrary code execution through broken config quoting
71RISCO
abrir
VulnCheck XDB
client-side
CVE-2024-2782HIGH03 ago 2025
Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation
56RISCO
abrir
VulnCheck XDB
initial-access
CVE-2024-2771CRITICAL03 ago 2025
Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Settings Update and Limited Privilege Escalation
63RISCO
abrir
VulnCheck XDB
initial-access
CVE-2025-24893CRITICALsob ataque03 ago 2025
Remote code execution as guest via SolrSearchMacros request in xwiki
100RISCO
abrir
anteriorpágina 67 / 270próximo

Indexamos apenas o link público para a prova de conceito — nunca hospedamos nem redistribuímos código de exploração. Fontes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit e VulnCheck XDB. A existência de PoC pública não significa que a falha seja explorável no seu ambiente.