138 matches found
Client-Side Enforcement of Server-Side Security
Overview jupyterlab is a JupyterLab computational environment. Affected versions of this package are vulnerable to Client-Side Enforcement of Server-Side Security via improper enforcement of the allowedextensionsuris. An attacker can gain unauthorized access to install unapproved extensions by...
Client-Side Enforcement of Server-Side Security
Overview Affected versions of this package are vulnerable to Client-Side Enforcement of Server-Side Security via the shareInfoHandler process. An attacker can gain unauthorized access to confidential shared files by querying the public API endpoint and extracting tokenized download URLs, which...
CVE-2026-23859
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...
CVE-2026-23859
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...
CVE-2026-23859
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...
CVE-2026-23859
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...
CVE-2026-23859
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side Enforcement of Server-Side Security vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability to Protection mechanism bypass...
PT-2026-21796
Name of the Vulnerable Software and Affected Versions Dell Wyse Management Suite versions prior to 5.5 Description Dell Wyse Management Suite versions prior to 5.5 have a Client-Side Enforcement of Server-Side Security issue. A high privileged attacker with remote access could potentially bypass ...
CVE-2026-1363
IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...
CVE-2026-1363 JNC|IAQS and I6 - Client-Side Enforcement of Server-Side Security
IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...
CVE-2026-1363 JNC|IAQS and I6 - Client-Side Enforcement of Server-Side Security
IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...
CVE-2026-1363
IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end...
PT-2026-4342
Name of the Vulnerable Software and Affected Versions IAQS and I6 affected versions not specified Description A security flaw exists in IAQS and I6 developed by JNC, allowing unauthenticated remote attackers to obtain administrator privileges. This is due to a client-side enforcement of server-si...
CVE-2025-14687
IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...
CVE-2025-14687
IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...
CVE-2025-14687 Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center
IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...
CVE-2025-14687
CVE-2025-14687 affects IBM Db2 Intelligence Center versions 1.1.0–1.1.2. The vulnerability arises from client-side enforcement of server-side security mechanisms, allowing an authenticated user to perform unauthorized actions. Red Hat and CVE records corroborate the issue and reference the IBM ad...
CVE-2025-14687 Client-Side Enforcement of Server-Side Security in IBM Db2 Intelligence Center
IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms...
Security Bulletin: Multiple vulnerabilities that affect IBM Db2 Intelligence Center (CVE-2025-47913, CVE-2022-25927, CVE-2025-6493, CWE-400, CWE-1333, CVE-2025-14687
Summary Multiple vulnerabilties fixed with Db2 Intelligence Center 1.1.3. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. CVSS Source: CISA ADP CVSS Base...
EUVD-2025-201817
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security...