Home
Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 3,721 - 3,740 of 260,080 in total

Microsoft Edge Chromium: CVE-2025-2476 Use after free in Lens

Published: March 19, 2025 | Severity: 9

WordPress Plugin: custom-twitter-feeds: CVE-2025-1314: Cross-Site Request Forgery (CSRF)

Published: March 19, 2025 | Severity: 5

WordPress Plugin: order-import-export-for-woocommerce: CVE-2024-13920: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Published: March 19, 2025 | Severity: 6

WordPress Plugin: order-import-export-for-woocommerce: CVE-2024-13922: External Control of File Name or Path

Published: March 19, 2025 | Severity: 3

WordPress Plugin: order-import-export-for-woocommerce: CVE-2024-13921: Deserialization of Untrusted Data

Published: March 19, 2025 | Severity: 8

WordPress Plugin: order-import-export-for-woocommerce: CVE-2024-13923: Server-Side Request Forgery (SSRF)

Published: March 19, 2025 | Severity: 7

WordPress Plugin: boombox-theme-extensions: CVE-2024-12295: Weak Password Recovery Mechanism for Forgotten Password

Published: March 18, 2025 | Severity: 9

Atlassian Bitbucket (CVE-2022-31197): SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bitbucket Data Center and Server

Published: March 18, 2025 | Severity: 7

IBM AIX: nim_advisory (CVE-2024-56347): Vulnerability in nim affects AIX

Published: March 18, 2025 | Severity: 8

IBM AIX: nim_advisory (CVE-2024-56346): Vulnerability in nim affects AIX

Published: March 18, 2025 | Severity: 8

OS X update for sips (CVE-2025-24185)

Published: March 18, 2025 | Severity: 10

Atlassian Bitbucket (CVE-2024-4367): Third-Party Dependency in Bitbucket Data Center

Published: March 18, 2025 | Severity: 10

Atlassian Bitbucket (CVE-2024-45296): Third-Party Dependency in Bitbucket Data Center

Published: March 18, 2025 | Severity: 8

Atlassian Bitbucket (CVE-2024-29857): DoS (Denial of Service) org.bouncycastle:bcprov-jdk18on Dependency in Bitbucket Data Center and Server

Published: March 18, 2025 | Severity: 8

Atlassian JIRA: CVE-2024-38819: Path Traversal (Arbitrary Read/Write) org.springframework:spring-webmvc Dependency in Jira Software Data Center and Server

Published: March 18, 2025 | Severity: 8

Atlassian Bitbucket (CVE-2022-21724): org.postgresql:postgresql Dependency in Bitbucket Data Center and Server

Published: March 18, 2025 | Severity: 6

WordPress Plugin: sf-booking: CVE-2024-13442: Authentication Bypass Using an Alternate Path or Channel

Published: March 18, 2025 | Severity: 10

OS X update for XProtect (CVE-2024-54565)

Published: March 18, 2025 | Severity: 10

WordPress Plugin: global-payments-woocommerce: CVE-2025-22767: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 18, 2025 | Severity: 7

Red Hat: CVE-2025-2487: 389-ds-base: null pointer dereference leads to denial of service (Multiple Advisories)

Published: March 18, 2025 | Severity: 6