Home
Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 3,101 - 3,120 of 254,041 in total

Ubuntu: USN-7425-1 (CVE-2025-30211): Erlang vulnerability

Published: March 28, 2025 | Severity: 8

WordPress Plugin: bit-assist: CVE-2025-30834: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Published: March 28, 2025 | Severity: 8

Debian: CVE-2025-30232: exim4 -- security update

Published: March 28, 2025 | Severity: 8

Red Hat JBossEAP: Other (CVE-2024-11735)

Published: March 28, 2025 | Severity: 4

Red Hat JBossEAP: Cross-site Scripting (CVE-2025-2901)

Published: March 28, 2025 | Severity: 5

SUSE: CVE-2025-1860: SUSE Linux Security Advisory

Published: March 28, 2025 | Severity: 9

WordPress Plugin: hostel: CVE-2025-31102: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 28, 2025 | Severity: 7

Gitlab Gitlab: CVE-2024-12619: Insufficient Granularity of Access Control

Published: March 28, 2025 | Severity: 7

WordPress Plugin: wp-compress-mainwp: CVE-2025-31076: Server-Side Request Forgery (SSRF)

Published: March 28, 2025 | Severity: 4

Gitlab Gitlab: CVE-2024-10307: Allocation of Resources Without Limits or Throttling

Published: March 28, 2025 | Severity: 4

Debian: CVE-2025-30211: erlang -- security update

Published: March 28, 2025 | Severity: 8

Debian: CVE-2025-31162: fig2dev -- security update

Published: March 28, 2025 | Severity: 6

WordPress Plugin: usermaven: CVE-2025-31079: Cross-Site Request Forgery (CSRF)

Published: March 28, 2025 | Severity: 5

WordPress Plugin: material-dashboard: CVE-2025-31095: Improper Privilege Management

Published: March 28, 2025 | Severity: 10

WordPress Plugin: elementskit-lite: CVE-2024-11180: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 28, 2025 | Severity: 5

WordPress Plugin: elisqlreports: CVE-2025-30788: Cross-Site Request Forgery (CSRF)

Published: March 27, 2025 | Severity: 8

WordPress Plugin: wpextended: CVE-2025-30796: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 27, 2025 | Severity: 7

WordPress Plugin: ecab-taxi-booking-manager: CVE-2025-30839: Missing Authorization

Published: March 27, 2025 | Severity: 5

WordPress Plugin: elisqlreports: CVE-2025-30787: Cross-Site Request Forgery (CSRF)

Published: March 27, 2025 | Severity: 7

WordPress Plugin: enhanced-e-commerce-for-woocommerce-store: CVE-2025-30909: Missing Authorization

Published: March 27, 2025 | Severity: 4