Lucene search
+L

4 matches found

CVE
CVE
added 3 days ago7 views

CVE-2026-61718

Bunkerweb (WAF) exposes a vulnerability in versions 1.6.2–1.6.12 where the BiscuitMiddleware authorization bypass for the /cache/ routes allowed low-privilege read-only users to delete job cache files. Specifically, routes in src/ui/app/routes/cache.py were only protected by @login_required despi...

5.4CVSS6.1AI score0.00306EPSS
Exploits0References3
OSV
OSV
added 2018/05/29 8:29 p.m.19 views

CVE-2016-10680

adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...

8.1CVSS8.2AI score0.00717EPSS
Exploits0References1
Prion
Prion
added 2018/05/29 8:29 p.m.15 views

Code injection

adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...

6.8CVSS6.9AI score0.00717EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/05/29 8:0 p.m.24 views

CVE-2016-10680

adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...

8AI score0.00717EPSS
Exploits0References1
Rows per page
Query Builder