• Home
  • Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 3,841 - 3,860 of 260,080 in total
WordPress Plugin: church-admin: CVE-2025-26941: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Published: March 13, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: cm-faq: CVE-2025-2166: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 13, 2025 | Severity: 6
vulnerability
Explore
WordPress Plugin: instawp-connect: CVE-2024-13913: Cross-Site Request Forgery (CSRF)
Published: March 13, 2025 | Severity: 10
vulnerability
Explore
WordPress Plugin: omnipress: CVE-2024-13407: Authorization Bypass Through User-Controlled Key
Published: March 13, 2025 | Severity: 4
vulnerability
Explore
Gitlab Gitlab: CVE-2024-7296: Incorrect Authorization
Published: March 13, 2025 | Severity: 3
vulnerability
Explore
Gitlab Gitlab: CVE-2024-13054: Allocation of Resources Without Limits or Throttling
Published: March 13, 2025 | Severity: 7
vulnerability
Explore
Gitlab Gitlab: CVE-2024-12380: Generation of Error Message Containing Sensitive Information
Published: March 13, 2025 | Severity: 5
vulnerability
Explore
WordPress Plugin: wpcom-member: CVE-2025-2221: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Published: March 13, 2025 | Severity: 8
vulnerability
Explore
Debian: CVE-2025-29768: vim -- security update
Published: March 13, 2025 | Severity: 4
vulnerability
Explore
Debian: CVE-2025-1767: kubernetes -- security update
Published: March 13, 2025 | Severity: 6
vulnerability
Explore
Amazon Linux AMI 2: CVE-2025-29768: Security patch for vim (ALAS-2025-2827)
Published: March 13, 2025 | Severity: 4
vulnerability
Explore
WordPress Plugin: hide-my-wp: CVE-2025-2056: Relative Path Traversal
Published: March 13, 2025 | Severity: 8
vulnerability
Explore
Sante PACS Server Path Traversal (CVE-2025-2264)
Disclosed: March 13, 2025
module
Explore
WordPress Plugin: mappress-google-maps-for-wordpress: CVE-2025-2055: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Published: March 13, 2025 | Severity: 8
vulnerability
Explore
WordPress Plugin: realteo: CVE-2025-2232: Improper Privilege Management
Published: March 13, 2025 | Severity: 10
vulnerability
Explore
Joomla!: [20250301] - Core - Malicious file uploads via Media Manager (CVE-2025-22213)
Published: March 12, 2025 | Severity: 8
vulnerability
Explore
Zimbra Collaboration: CVE-2025-27915: This patch fixes a critical security vulnerability.
Published: March 12, 2025 | Severity: 5
vulnerability
Explore
Zimbra Collaboration: CVE-2025-27914: An XSS vulnerability.
Published: March 12, 2025 | Severity: 5
vulnerability
Explore
Debian: CVE-2025-21859: linux -- security update
Published: March 12, 2025 | Severity: 5
vulnerability
Explore
Debian: CVE-2025-21858: linux -- security update
Published: March 12, 2025 | Severity: 7
vulnerability
Explore