CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1030 matches found

CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall WAF. An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

8.2CVSS5.7AI score0.00052EPSS

Exploits0References5

GithubExploit•added 5 days ago•51 views

bastion-waf-simulator

BASTION — Web Application Firewall Simulator A real-time We...

6AI score

Exploits0

Fedora•added 5 days ago•13 views

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-18.fc43

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS5.8AI score0.00076EPSS

Exploits3

Akamai Blog•added 2026/05/28 12:0 p.m.•8 views

Consistent Protections Without Compromise: Akamai’s WAF Is Now on AWS Marketplace

...

5.8AI score

Exploits0

Fedora•added 2026/05/28 1:13 a.m.•7 views

[SECURITY] Fedora 44 Update: nginx-mod-naxsi-1.6-18.fc44

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS5.8AI score0.00076EPSS

Exploits3

SUSE CVE•added 2026/05/26 1:52 a.m.•12 views

SUSE CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

7.5CVSS5.6AI score0.00052EPSS

Exploits1References3

GithubExploit•added 2026/05/24 10:27 a.m.•53 views

FortressWAF

FortressWAF — Web Application Firewall !Licensehttps://im...

5.9AI score

Exploits0

GithubExploit•added 2026/05/19 1:53 p.m.•46 views

py-waf

py-waf Python rever...

5.8AI score

Exploits0

GithubExploit•added 2026/05/17 7:2 p.m.•45 views

waf-demo

No d...

5.8AI score

Exploits0

GithubExploit•added 2026/05/17 4:8 a.m.•46 views

Advance_WAF_project_CS

WAFinity - Infinite Protection, Intelligent Detection WAFin...

5.9AI score

Exploits0

Fedora•added 2026/05/15 9:9 p.m.•6 views

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-17.fc43

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS6AI score0.00288EPSS

Exploits34

Fedora•added 2026/05/15 8:58 p.m.•8 views

[SECURITY] Fedora 44 Update: nginx-mod-naxsi-1.6-17.fc44

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS6AI score0.00288EPSS

Exploits34

RedhatCVE•added 2026/05/15 6:4 p.m.•4 views

CVE-2026-39805

A flaw was found in Bandit, an HTTP server. This vulnerability allows for HTTP request smuggling due to the server's inconsistent handling of duplicate Content-Length headers in HTTP requests. An unauthenticated attacker can exploit this by sending a specially crafted request. If Bandit is...

7.4CVSS5.8AI score0.00031EPSS

Exploits0References7

EUVD•added 2026/05/13 6:30 p.m.•7 views

EUVD-2026-29969

When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.8AI score0.00098EPSS

Exploits0References2

NVD•added 2026/05/13 4:16 p.m.•9 views

CVE-2026-40060

8.7CVSS0.00098EPSS

Exploits0References1

CVE•added 2026/05/13 2:12 p.m.•12 views

CVE-2026-40060

CVE-2026-40060 affects BIG-IP Advanced WAF/ASM when a security policy is configured on a virtual server; undisclosed requests can cause the bd process to terminate, resulting in DoS with traffic disruption as the process restarts. In F5 advisories, vulnerable branches include BIG-IP Advanced WAF/...

8.7CVSS5.8AI score0.00098EPSS

Exploits0References1