• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 2,921 - 2,940 of 260,079 in total
MFSA2025-23 Thunderbird: Security Vulnerabilities fixed in Thunderbird 137 (CVE-2025-3033)
Published: April 01, 2025 | Severity: 7
vulnerability
Explore
Red Hat: CVE-2025-3028: firefox: thunderbird: Use-after-free triggered by XSLTProcessor (Multiple Advisories)
Published: April 01, 2025 | Severity: 9
vulnerability
Explore
Red Hat: CVE-2025-3029: firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters (Multiple Advisories)
Published: April 01, 2025 | Severity: 6
vulnerability
Explore
Red Hat: CVE-2025-3030: firefox: thunderbird: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9 (Multiple Advisories)
Published: April 01, 2025 | Severity: 10
vulnerability
Explore
FreeBSD: VID-2C0180A5-13C8-11F0-A5BD-B42E991FC52E (CVE-2025-3029): Mozilla -- URL spoofing attack
Published: April 01, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: woo-order-splitter: CVE-2025-31089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Published: April 01, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: woo-product-tables: CVE-2025-31086: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: April 01, 2025 | Severity: 7
vulnerability
Explore
WordPress Plugin: wp-optin-wheel: CVE-2025-31824: Server-Side Request Forgery (SSRF)
Published: April 01, 2025 | Severity: 4
vulnerability
Explore
WordPress Plugin: wp-plugin-info-card: CVE-2025-31835: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: April 01, 2025 | Severity: 7
vulnerability
Explore
OS X update for OpenSSH (CVE-2025-24246)
Published: April 01, 2025 | Severity: 5
vulnerability
Explore
Oracle Linux: CVE-2025-3028: ELSA-2025-3556: firefox security update (IMPORTANT) (Multiple Advisories)
Published: April 01, 2025 | Severity: 9
vulnerability
Explore
Debian: CVE-2025-21963: linux -- security update
Published: April 01, 2025 | Severity: 5
vulnerability
Explore
Debian: CVE-2025-21943: linux -- security update
Published: April 01, 2025 | Severity: 4
vulnerability
Explore
WordPress Plugin: zoho-flow: CVE-2025-31408: Missing Authorization
Published: April 01, 2025 | Severity: 4
vulnerability
Explore
OS X update for Voice Control (CVE-2025-24279)
Published: April 01, 2025 | Severity: 5
vulnerability
Explore
MongoDB: MongoDB Server running on Linux may allow unexpected connections where intermediate certificates are revoked (CVE-2025-3085)
Published: April 01, 2025 | Severity: 9
vulnerability
Explore
OS X update for Xsan (CVE-2025-24157)
Published: April 01, 2025 | Severity: 7
vulnerability
Explore
Ubuntu: USN-7436-1 (CVE-2025-24216): WebKitGTK vulnerabilities
Published: March 31, 2025 | Severity: 5
vulnerability
Explore
Ubuntu: USN-7436-1 (CVE-2025-24208): WebKitGTK vulnerabilities
Published: March 31, 2025 | Severity: 6
vulnerability
Explore
Ubuntu: USN-7436-1 (CVE-2025-24264): WebKitGTK vulnerabilities
Published: March 31, 2025 | Severity: 10
vulnerability
Explore