Home
Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 4,281 - 4,300 of 254,297 in total

WordPress Plugin: wpbookit: CVE-2025-26910: Cross-Site Request Forgery (CSRF)

Published: March 09, 2025 | Severity: 7

Debian: CVE-2023-52969: mariadb, mariadb-10.5 -- security update

Published: March 08, 2025 | Severity: 8

Debian: CVE-2023-52968: mariadb-10.5 -- security update

Published: March 08, 2025 | Severity: 9

Debian: CVE-2023-52970: mariadb, mariadb-10.5 -- security update

Published: March 08, 2025 | Severity: 8

Amazon Linux 2023: CVE-2023-52968: Medium priority package update for mariadb105

Published: March 08, 2025 | Severity: 6

Amazon Linux AMI 2: CVE-2023-52968: Security patch for mariadb (ALASMARIADB10.5-2024-006)

Published: March 08, 2025 | Severity: 6

Debian: CVE-2023-52971: mariadb -- security update

Published: March 08, 2025 | Severity: 8

WordPress Plugin: product-input-fields-for-woocommerce: CVE-2024-13359: Unrestricted Upload of File with Dangerous Type

Published: March 07, 2025 | Severity: 8

WordPress Plugin: woocommerce-delivery-notes: CVE-2024-13640: Exposure of Sensitive Information to an Unauthorized Actor

Published: March 07, 2025 | Severity: 5

WordPress Plugin: xpro-elementor-addons: CVE-2024-13649: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 07, 2025 | Severity: 5

WordPress Plugin: wp-recall: CVE-2025-1324: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 07, 2025 | Severity: 5

WordPress Plugin: wp-recall: CVE-2025-1325: Missing Authorization

Published: March 07, 2025 | Severity: 7

WordPress Plugin: slingblocks: CVE-2024-13675: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 07, 2025 | Severity: 5

WordPress Plugin: vikrentcar: CVE-2024-11640: Cross-Site Request Forgery (CSRF)

Published: March 07, 2025 | Severity: 10

Microsoft Edge Chromium: CVE-2025-26643

Published: March 07, 2025 | Severity: 6

Ubuntu: USN-7433-1 (CVE-2025-27796): GraphicsMagick vulnerabilities

Published: March 07, 2025 | Severity: 10

Ubuntu: USN-7433-1 (CVE-2025-27795): GraphicsMagick vulnerabilities

Published: March 07, 2025 | Severity: 9

WordPress Plugin: essential-blocks: CVE-2025-1664: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 07, 2025 | Severity: 5

Ubuntu: (Multiple Advisories) (CVE-2025-21835): Linux kernel vulnerabilities

Published: March 07, 2025 | Severity: 6

WordPress Plugin: ht-mega-for-elementor: CVE-2025-1261: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: March 07, 2025 | Severity: 5