Lucene search
K

142 matches found

NVD
NVD
added 6 days ago6 views

CVE-2025-36327

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security...

6.5CVSS0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago29 views

CVE-2025-36327 Vulnerabilities found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security...

6.5CVSS0.00375EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2025-36327

CVE-2025-36327 affects IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, and 5.3.0. An authenticated user can bypass security controls and perform unauthorized actions due to client-side enforcement of server-side security. The issue is described as a failure of client-side controls to enforce s...

6.5CVSS5.8AI score0.00375EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-53979

Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An authenticated user can bypass security controls and perform unauthorized actions. This occurs because security checks that should be enforced on the server are instead...

6.5CVSS6AI score0.00375EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/05 8:53 p.m.13 views

Client-Side Enforcement of Server-Side Security

Overview jupyterlab is a JupyterLab computational environment. Affected versions of this package are vulnerable to Client-Side Enforcement of Server-Side Security via improper enforcement of the allowedextensionsuris. An attacker can gain unauthorized access to install unapproved extensions by...

8.8CVSS5.8AI score0.0053EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/09 7:48 p.m.1 views

Client-Side Enforcement of Server-Side Security

Overview Affected versions of this package are vulnerable to Client-Side Enforcement of Server-Side Security via the shareInfoHandler process. An attacker can gain unauthorized access to confidential shared files by querying the public API endpoint and extracting tokenized download URLs, which...

8.7CVSS5.8AI score0.00544EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/25 10:19 p.m.7 views

CVE-2026-23859

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...

2.7CVSS5.5AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 8:27 p.m.10 views

CVE-2026-23859

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...

2.7CVSS5.8AI score0.0025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 7:35 p.m.4 views

CVE-2026-23859

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...

2.7CVSS5.9AI score0.0025EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/24 7:35 p.m.21 views

CVE-2026-23859

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...

2.7CVSS0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/24 7:35 p.m.6 views

CVE-2026-23859

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...

2.7CVSS5.5AI score0.0025EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.8 views

PT-2026-21796

Name of the Vulnerable Software and Affected Versions Dell Wyse Management Suite versions prior to 5.5 Description Dell Wyse Management Suite versions prior to 5.5 have a Client-Side Enforcement of Server-Side Security issue. A high privileged attacker with remote access could potentially bypass ...

2.7CVSS5.3AI score0.0025EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/24 9:15 a.m.14 views

CVE-2026-1363

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...

9.8CVSS5.5AI score0.00538EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 8:37 a.m.5 views

CVE-2026-1363

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...

9.8CVSS5.4AI score0.00538EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/23 8:37 a.m.32 views

CVE-2026-1363 JNC|IAQS and I6 - Client-Side Enforcement of Server-Side Security

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...

9.8CVSS0.00538EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/23 8:37 a.m.5 views

CVE-2026-1363 JNC|IAQS and I6 - Client-Side Enforcement of Server-Side Security

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...

9.8CVSS5.5AI score0.00538EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.10 views

PT-2026-4342

Name of the Vulnerable Software and Affected Versions IAQS and I6 affected versions not specified Description A security flaw exists in IAQS and I6 developed by JNC, allowing unauthenticated remote attackers to obtain administrator privileges. This is due to a client-side enforcement of server-si...

9.8CVSS5.9AI score0.00538EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/12/27 1:38 p.m.8 views

CVE-2025-14687

IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...

4.3CVSS6.5AI score0.00178EPSS
Exploits0References1
NVD
NVD
added 2025/12/26 2:15 p.m.16 views

CVE-2025-14687

IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...

6.5CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/26 1:21 p.m.23 views

CVE-2025-14687 Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center

IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...

4.3CVSS0.00178EPSS
Exploits0References1
Rows per page
Query Builder