CWE-602 vulnerabilities
120 results

CVE | Severity | Description | EPSS
CVE-2020-8162 | — | A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter tha | 3.1%
CVE-2024-23666 | HIGH | A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0 | 2.7%
CVE-2014-2374 | — | Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security | 1.9%
CVE-2014-2373 | — | Accuenergy Accuenergy Acuvim II Client-Side Enforcement of Server-Side Security | 1.8%
CVE-2020-24683 | CRITICAL | Authentication Bypass in Symphony Plus | 1.4%
CVE-2022-20658 | CRITICAL | Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability | 1.4%
CVE-2023-42787 | MEDIUM | A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiA | 1.4%
CVE-2017-12161 | — | It was found that keycloak before 3.4.2 final would permit misuse of a client-side /etc/hosts entry to spoof a URL in a password reset reque | 1.4%
CVE-2025-40591 | HIGH | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGE | 1.3%
CVE-2025-32469 | CRITICAL | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGE | 1.2%
CVE-2025-33024 | CRITICAL | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGE | 1.2%
CVE-2025-33025 | CRITICAL | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGE | 1.2%
CVE-2024-9844 | HIGH | Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticat | 1.0%
CVE-2017-14013 | — | A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The log out fun | 0.9%
CVE-2023-39218 | MEDIUM | Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure | 0.9%
CVE-2021-21544 | LOW | Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with hi | 0.9%
CVE-2025-8792 | MEDIUM | LitmusChaos Litmus client-side enforcement of server-side security | 0.9%
CVE-2025-10640 | CRITICAL | Missing Server-Side Authentication Checks in EfficientLab WorkExaminer Professional | 0.9%
CVE-2023-0704 | MEDIUM | Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy a | 0.9%
CVE-2024-31491 | HIGH | A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2 | 0.8%