Fallos del tipo CWE-602
121 resultadosCVE-2024-6620LOWHoneywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site scripting vulnerability. A(n) attacker couEPSS 0.3%CVE-2026-25737HIGHBudibase Arbitrary File Upload Leading to Multiple Critical Vulnerabilities (SSRF, Stored XSS)EPSS 0.3%CVE-2025-32359MEDIUMIn Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configEPSS 0.3%CVE-2026-39415MEDIUMFrappe Learning Management System has Client-Side Manipulation of Quiz ScoresEPSS 0.3%CVE-2026-30522MEDIUMA Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application EPSS 0.3%CVE-2026-23859LOWDell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high priviEPSS 0.3%CVE-2026-42160CRITICALData Space Portal: Incorrect Authorization and Client-Side Enforcement of Server-Side Security in ghcr.io/sovity/ds-portal-ce-backendEPSS 0.2%CVE-2025-5450MEDIUMImproper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure beEPSS 0.2%CVE-2024-39870HIGHA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured tEPSS 0.2%CVE-2025-10161HIGHAuthentication Bypass in Turkguven's PerfektiveEPSS 0.2%CVE-2025-36039MEDIUMIBM Aspera Faspex bypass securityEPSS 0.2%CVE-2025-12115HIGHWPC Name Your Price for WooCommerce <= 2.1.9 - Unauthenticated Price AlterationEPSS 0.2%CVE-2024-44106HIGHInsufficient server-side controls in the management console of Ivanti Workspace Control before version 2025.2 (10.19.0.0) allows a local autEPSS 0.2%CVE-2026-56256HIGHCapgo - Two-Factor Authentication Bypass via Organization Management APIEPSS 0.2%CVE-2026-11287MEDIUMInsufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromisEPSS 0.2%CVE-2026-44567HIGHOpen WebUI: Open WebUI Improper Authorization ControlEPSS 0.2%CVE-2025-27367MEDIUMIBM OpenPages with Watson improper input validationEPSS 0.2%CVE-2026-11014MEDIUMInsufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a EPSS 0.2%CVE-2025-36093MEDIUMsecurity vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025.EPSS 0.2%CVE-2026-29077HIGHFrappe: Broken Access Control in DocShareEPSS 0.2%