Lucene search
K

143 matches found

OSV
OSV
added 2025/08/10 4:15 a.m.3 views

CVE-2025-8792

A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

5.3CVSS4.9AI score0.00982EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/10 3:32 a.m.5 views

CVE-2025-8792 LitmusChaos Litmus client-side enforcement of server-side security

A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

5.3CVSS7AI score0.00982EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/10 3:32 a.m.13 views

CVE-2025-8792 LitmusChaos Litmus client-side enforcement of server-side security

A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

5.3CVSS0.00982EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/08/10 12:0 a.m.7 views

LitmusChaos 安全漏洞

LitmusChaos is a program open-sourced by Litmus Chaos that practices chaos engineering in a cloud-native manner. A security vulnerability exists in LitmusChaos 3.19.0 and earlier versions that stems from client-side enforcement of server-side security...

5.3CVSS4.8AI score0.00982EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/08/02 8:23 p.m.4 views

CVE-2025-36039

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,...

6.5CVSS6.1AI score0.00257EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/01 12:0 a.m.9 views

IBM Aspera Faspex Code Issue Vulnerability

IBM Aspera Faspex is IBM's high-performance file transfer solution designed to transfer large files quickly and reliably. A security vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.12.1, which stems from insufficient client-side enforcement of server-side security mechanisms...

6.5CVSS6.7AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2025/07/31 12:15 a.m.7 views

CVE-2025-36039

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,...

6.5CVSS0.00257EPSS
Exploits0References1
CVE
CVE
added 2025/07/30 11:48 p.m.24 views

CVE-2025-36040

CVE-2025-36040 affects IBM Aspera Faspex 5.0.0–5.0.12.1. Description in provided documents indicates an authenticated user could perform unauthorized actions due to client-side enforcement of server-side security mechanisms. The vulnerability is documented across multiple feeds (Red Hat, CNVD, NV...

6.5CVSS6.7AI score0.00209EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/30 11:48 p.m.11 views

CVE-2025-36040 IBM Aspera Faspex session fixation

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...

6.5CVSS0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/30 11:47 p.m.3 views

CVE-2025-36039 IBM Aspera Faspex bypass security

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,...

6.5CVSS6.1AI score0.00257EPSS
Exploits0References1
CVE
CVE
added 2025/07/30 11:47 p.m.24 views

CVE-2025-36039

Summary (CVE-2025-36039) IBM Aspera Faspex 5.0.0–5.0.12.1 contains a vulnerability where an authenticated user can perform unauthorized actions due to client-side enforcement of server-side security mechanisms. The issue is tied to how Faspex handles security checks on the client side, allowing a...

6.5CVSS6.7AI score0.00257EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.6 views

PT-2025-31461 · Ibm · Ibm Aspera Faspex

Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.12.1 Description: The software may allow an authenticated user to perform unauthorized actions due to client-side enforcement of server-side security mechanisms. Recommendations: Update to a versio...

6.8CVSS6.4AI score0.00209EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.7 views

PT-2025-31460 · Ibm · Aspera Faspex

Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.12.1 Description: IBM Aspera Faspex versions 5.0.0 through 5.0.12.1 may allow an authenticated user to perform unauthorized actions due to client-side enforcement of server-side security mechanisms...

6.8CVSS6.2AI score0.00257EPSS
Exploits0References6
NVD
NVD
added 2025/05/30 7:15 a.m.10 views

CVE-2025-47697

Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...

7.5CVSS0.00273EPSS
Exploits0References2
CVE
CVE
added 2025/05/30 6:36 a.m.51 views

CVE-2025-47697

CVE-2025-47697 concerns the product wivia 5 (all versions), where a client-side enforcement of server-side security issue (CWE-602) could let an unauthenticated attacker bypass authentication and operate the device as the moderator user. The affected component is the web/app interface for wivia 5...

7.5CVSS7.5AI score0.00273EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/05/30 6:36 a.m.17 views

CVE-2025-47697

Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...

6.9CVSS0.00273EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:49 a.m.4 views

CVE-2024-32512

Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing Important Client Functionality.This issue affects weForms: from n/a through 1.6.20...

5.3CVSS7AI score0.00342EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:45 a.m.4 views

CVE-2024-31491

A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests...

8.8CVSS7.4AI score0.00834EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:34 a.m.9 views

CVE-2024-32685

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

5.3CVSS6.8AI score0.00388EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:8 a.m.7 views

CVE-2024-42013

In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side Enforcement of Server-Side Security vulnerability. An attacker with Windows administrative or debugging privileges can patch a binary in memory or on disk to bypass the password login requirement and gain full access to all functions of...

6.4CVSS7.3AI score0.0016EPSS
Exploits0References1
Rows per page
Query Builder