143 matches found
CVE-2025-8792
A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...
CVE-2025-8792 LitmusChaos Litmus client-side enforcement of server-side security
A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...
CVE-2025-8792 LitmusChaos Litmus client-side enforcement of server-side security
A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...
LitmusChaos 安全漏洞
LitmusChaos is a program open-sourced by Litmus Chaos that practices chaos engineering in a cloud-native manner. A security vulnerability exists in LitmusChaos 3.19.0 and earlier versions that stems from client-side enforcement of server-side security...
CVE-2025-36039
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,...
IBM Aspera Faspex Code Issue Vulnerability
IBM Aspera Faspex is IBM's high-performance file transfer solution designed to transfer large files quickly and reliably. A security vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.12.1, which stems from insufficient client-side enforcement of server-side security mechanisms...
CVE-2025-36039
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,...
CVE-2025-36040
CVE-2025-36040 affects IBM Aspera Faspex 5.0.0–5.0.12.1. Description in provided documents indicates an authenticated user could perform unauthorized actions due to client-side enforcement of server-side security mechanisms. The vulnerability is documented across multiple feeds (Red Hat, CNVD, NV...
CVE-2025-36040 IBM Aspera Faspex session fixation
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...
CVE-2025-36039 IBM Aspera Faspex bypass security
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,...
CVE-2025-36039
Summary (CVE-2025-36039) IBM Aspera Faspex 5.0.0–5.0.12.1 contains a vulnerability where an authenticated user can perform unauthorized actions due to client-side enforcement of server-side security mechanisms. The issue is tied to how Faspex handles security checks on the client side, allowing a...
PT-2025-31461 · Ibm · Ibm Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.12.1 Description: The software may allow an authenticated user to perform unauthorized actions due to client-side enforcement of server-side security mechanisms. Recommendations: Update to a versio...
PT-2025-31460 · Ibm · Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.12.1 Description: IBM Aspera Faspex versions 5.0.0 through 5.0.12.1 may allow an authenticated user to perform unauthorized actions due to client-side enforcement of server-side security mechanisms...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-47697
CVE-2025-47697 concerns the product wivia 5 (all versions), where a client-side enforcement of server-side security issue (CWE-602) could let an unauthenticated attacker bypass authentication and operate the device as the moderator user. The affected component is the web/app interface for wivia 5...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2024-32512
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing Important Client Functionality.This issue affects weForms: from n/a through 1.6.20...
CVE-2024-31491
A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests...
CVE-2024-32685
Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5...
CVE-2024-42013
In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side Enforcement of Server-Side Security vulnerability. An attacker with Windows administrative or debugging privileges can patch a binary in memory or on disk to bypass the password login requirement and gain full access to all functions of...