CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14726 matches found

CVE•added 2026/01/06 12:0 a.m.•12 views

CVE-2025-60534

CVE-2025-60534 affects Blue Access Cobalt v02.000.195. The issue is an authentication bypass that lets an attacker selectively proxy requests to operate functionality in the web application without valid credentials. Primary impact is high (CVSS: 9.8, Network attacker, no privileges required, no ...

9.8CVSS6.8AI score0.00691EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/01/06 12:0 a.m.•4 views

Blue Access Cobalt X1 安全漏洞

Blue Access Cobalt X1 is an access control and access management system software from Blue Access USA. A security vulnerability exists in Blue Access Cobalt X1 that stems from an authentication bypass that could allow an attacker to manipulate web application functionality without legitimate...

9.8CVSS6.9AI score0.00691EPSS

Exploits0References3

Vulnrichment•added 2026/01/06 12:0 a.m.•3 views

CVE-2025-60534

Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials...

6.8AI score0.00691EPSS

Exploits0References2

Positive Technologies•added 2026/01/06 12:0 a.m.•6 views

PT-2026-1461

Name of the Vulnerable Software and Affected Versions Blue Access Cobalt version 02.000.195 Description Blue Access Cobalt version 02.000.195 is subject to an authentication bypass. This allows an attacker to selectively proxy requests to operate functionality within the web application without...

9.8CVSS6.7AI score0.00691EPSS

Exploits0References7

ATTACKERKB•added 2026/01/04 11:32 p.m.•4 views

CVE-2025-15447

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different vendor. The research...

7.2AI score0.00035EPSS

Exploits0References4

Cvelist•added 2026/01/04 11:32 p.m.•32 views

CVE-2025-15447

...

0.00035EPSS

Exploits0

Fedora•added 2026/01/04 1:3 a.m.•8 views

[SECURITY] Fedora 42 Update: nginx-mod-naxsi-1.6-12.fc42

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

6.3CVSS6.6AI score0.00371EPSS

Exploits0

Positive Technologies•added 2026/01/04 12:0 a.m.•6 views

PT-2026-1199

Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan OA Web Application System versions prior to 20251224 Description A flaw exists in Seeyon Zhiyuan OA Web Application System. The issue involves the manipulation of the unitCode argument within an unknown function of the file...

9.8CVSS6.9AI score0.00035EPSS

Exploits0References11

Fedora•added 2026/01/03 12:42 a.m.•6 views

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-12.fc43

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

6.3CVSS7AI score0.00371EPSS

Exploits0

GithubExploit•added 2026/01/02 7:40 a.m.•165 views

OreaHax-Framework

OreaHax-Framework ╔════════════════════════════════════...

7AI score

Exploits0

NVD•added 2026/01/02 4:15 a.m.•6 views

CVE-2025-15427

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different...

0.00035EPSS

Exploits0

Vulnrichment•added 2026/01/02 4:2 a.m.•5 views

CVE-2025-15427

...

7.3AI score0.00035EPSS

Exploits0

RedhatCVE•added 2025/12/31 12:2 a.m.•11 views

CVE-2025-15211

A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationalitynid can lead to sql injection. The attack can be executed remotely. The...

9.8CVSS6.9AI score0.00315EPSS

Exploits1References1

RedhatCVE•added 2025/12/30 11:15 p.m.•4 views

CVE-2025-15207

A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/viewproducts.php. The manipulation of the argument chkId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

9.8CVSS7.1AI score0.00434EPSS

Exploits1References1

GithubExploit•added 2025/12/29 9:20 p.m.•148 views

SQL-Injection-IDPS

Payloads All The Things A list of useful payloads and bypass...

6.8AI score

Exploits0

EUVD•added 2025/12/29 5:32 p.m.•3 views

EUVD-2025-205626

A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available to...

7.5CVSS7.2AI score0.00333EPSS

Exploits1References7

OSV•added 2025/12/29 1:15 p.m.•3 views

CVE-2025-15188

A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/search-invoices.php. Executing a manipulation of the argument searchdata can lead to cross site scripting. The attack can be launched remotel...

4.8CVSS4.1AI score0.00198EPSS

Exploits1References5

GithubExploit•added 2025/12/29 11:55 a.m.•164 views

cyber-attack-detection-main

🔥 Smart Firewall with Machine Learning WAF + ML Đồ án d...

6.6AI score

Exploits0

GithubExploit•added 2025/12/29 8:57 a.m.•159 views

SQLite-Injection-Lab

آزمایشگاه تزریق SQL SQL Injection Lab یک محیط آموزشی جامع ب...

8.2AI score

Exploits0