Home
Vulnerability & Exploit Database

Vulnerability & Exploit Database

Try Surface Command Get a continuous 360° view of your attack surface

A curated repository of vetted computer software exploits and exploitable vulnerabilities.

Technical details for over 180,000 vulnerabilities and 4,000 exploits are available for security professionals and researchers to review. The exploits are all included in the Metasploit framework. Our vulnerability and exploit database is updated frequently and contains the most recent security research.

Results 4,921 - 4,940 of 254,835 in total

OpenSSH Vulnerability: CVE-2025-26466

Published: February 28, 2025 | Severity: 8

OS X update for OpenSSH (CVE-2025-26466)

Published: February 28, 2025 | Severity: 7

WordPress Plugin: sku-for-woocommerce: CVE-2024-9212: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: February 28, 2025 | Severity: 6

WordPress Plugin: database-backup: CVE-2024-13910: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Published: February 28, 2025 | Severity: 8

WordPress Plugin: ip2location-redirection: CVE-2025-1502: Missing Authorization

Published: February 28, 2025 | Severity: 5

WordPress Plugin: generateblocks: CVE-2024-13546: Exposure of Sensitive Information to an Unauthorized Actor

Published: February 28, 2025 | Severity: 4

WordPress Plugin: kadence-blocks: CVE-2025-1291: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: February 28, 2025 | Severity: 5

WordPress Plugin: counter-box: CVE-2024-13901: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Published: February 28, 2025 | Severity: 3

Debian: CVE-2025-25723: gpac -- security update

Published: February 28, 2025 | Severity: 7

WordPress Plugin: setsail-membership: CVE-2025-1564: Authentication Bypass Using an Alternate Path or Channel

Published: February 28, 2025 | Severity: 10

SUSE: CVE-2025-1744: SUSE Linux Security Advisory

Published: February 28, 2025 | Severity: 10

Debian: CVE-2025-1795: python3.11, python3.9 -- security update

Published: February 28, 2025 | Severity: 5

Amazon Linux AMI 2: CVE-2025-1795: Security patch for python3 (ALAS-2025-2808)

Published: February 28, 2025 | Severity: 5

WordPress Plugin: wc4bp: CVE-2025-1780: Missing Authorization

Published: February 28, 2025 | Severity: 4

WordPress Plugin: wc4bp: CVE-2024-13358: Missing Authorization

Published: February 28, 2025 | Severity: 4

SUSE: CVE-2025-1795: SUSE Linux Security Advisory

Published: February 28, 2025 | Severity: 5

WordPress Plugin: alloggio-membership: CVE-2025-1638: Authentication Bypass Using an Alternate Path or Channel

Published: February 28, 2025 | Severity: 10

WordPress Plugin: authors-list: CVE-2024-13806: Improper Control of Generation of Code ('Code Injection')

Published: February 28, 2025 | Severity: 6

WordPress Plugin: exertio-framework: CVE-2024-13373: Unverified Password Change

Published: February 28, 2025 | Severity: 8

WordPress Plugin: database-backup: CVE-2024-13911: Exposure of Sensitive Information to an Unauthorized Actor

Published: February 28, 2025 | Severity: 8