Home
Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 3,601 - 3,620 of 254,041 in total

Debian: CVE-2025-27835: ghostscript -- security update

Published: March 25, 2025 | Severity: 6

Debian: CVE-2025-2756: assimp -- security update

Published: March 25, 2025 | Severity: 7

Debian: CVE-2025-2754: assimp -- security update

Published: March 25, 2025 | Severity: 7

WordPress Plugin: zapier: CVE-2024-13411: Server-Side Request Forgery (SSRF)

Published: March 25, 2025 | Severity: 5

Microsoft Edge Chromium: CVE-2025-29806

Published: March 24, 2025 | Severity: 4

Microsoft Edge Chromium: CVE-2025-29795

Published: March 24, 2025 | Severity: 4

WordPress Plugin: wp-social-widget: CVE-2025-30610: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 24, 2025 | Severity: 7

WordPress Plugin: web-directory-free: CVE-2025-28904: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Published: March 24, 2025 | Severity: 8

WordPress Plugin: powerpress: CVE-2024-9230: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 24, 2025 | Severity: 6

SUSE: CVE-2025-1217: SUSE Linux Security Advisory

Published: March 24, 2025 | Severity: 10

SUSE: CVE-2025-1861: SUSE Linux Security Advisory

Published: March 24, 2025 | Severity: 10

WordPress Plugin: dicom-support: CVE-2024-12623: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 24, 2025 | Severity: 5

WordPress Plugin: blue-captcha: CVE-2025-28880: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 24, 2025 | Severity: 7

WordPress Plugin: appexperts: CVE-2025-30609: Exposure of Sensitive Information to an Unauthorized Actor

Published: March 24, 2025 | Severity: 5

Red Hat JBossEAP: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-30208)

Published: March 24, 2025 | Severity: 5

WordPress Plugin: directorist: CVE-2025-2224: Missing Authorization

Published: March 24, 2025 | Severity: 5

WordPress Plugin: user-registration: CVE-2025-2563: Improper Privilege Management

Published: March 24, 2025 | Severity: 8

WordPress Plugin: digital-license-manager: CVE-2025-2635: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 24, 2025 | Severity: 6

Kubernetes ingress-nginx: CVE-2025-1098: (Improper Input Validation)

Published: March 24, 2025 | Severity: 9

Kubernetes ingress-nginx: CVE-2025-24513: (Improper Input Validation)

Published: March 24, 2025 | Severity: 4