Lucene search

K

Geoip Security Vulnerabilities

cve
cve

CVE-2016-10680

adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...

8.1CVSS

7.8AI Score

0.001EPSS

2018-05-29 08:29 PM
31
cve
cve

CVE-2016-10568

geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM...

8.1CVSS

7.9AI Score

0.001EPSS

2018-05-29 08:29 PM
30
cve
cve

CVE-2007-0159

Directory traversal vulnerability in the GeoIP_update_database_general function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers (possibly only update.maxmind.com) to overwrite arbitrary files via a .. (dot dot) in the database filename, which is returned by a...

6.5AI Score

0.024EPSS

2007-01-10 12:28 AM
26