Fallos del tipo CWE-602
121 resultadosCVE-2024-42340HIGHCyberArk - CWE-602: Client-Side Enforcement of Server-Side SecurityEPSS 0.3%CVE-2024-43188MEDIUMIBM Business Automation Workflow improper input validationEPSS 0.3%CVE-2025-1838MEDIUMIBM Cloud Pak for Business Automation denial of serviceEPSS 0.3%CVE-2025-32808HIGHW. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their quiz performance into the backend, because EPSS 0.3%CVE-2025-61197HIGHAn issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio Optimod version 1.0.0.33 - System version 2.5.26 EPSS 0.3%CVE-2024-49824MEDIUMIBM Robotic Process Automation security bypassEPSS 0.3%CVE-2023-30955MEDIUMFoundry workspace-server Developer Mode Authorization BypassEPSS 0.3%CVE-2026-30521MEDIUMA Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application EPSS 0.3%CVE-2026-0808MEDIUMSpin Wheel <= 2.1.0 - Unauthenticated Client-Side Prize Manipulation via 'prize_index' ParameterEPSS 0.3%CVE-2022-31233MEDIUMUnisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially expEPSS 0.3%CVE-2026-11011HIGHInsufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2024-52960MEDIUMA client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and beEPSS 0.3%CVE-2025-9495HIGHViessmann Vitogate 300 Authentication BypassEPSS 0.3%CVE-2025-33137HIGHIBM Aspera Faspex data modificationEPSS 0.3%CVE-2025-12788MEDIUMHydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce Bookings <= 1.1.27 - Missing Payment Verification to Unauthenticated Payment BypassEPSS 0.3%CVE-2025-7820HIGHSKT PayPal for WooCommerce <= 1.4 - Unauthenticated Payment BypassEPSS 0.3%CVE-2026-11018MEDIUMInsufficient policy enforcement in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictionsEPSS 0.3%CVE-2026-11025MEDIUMInsufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass contentEPSS 0.3%CVE-2025-28168MEDIUMThe Multiple File Upload add-on component 3.1.0 for OutSystems is vulnerable to Unrestricted File Upload. This occurs because file extensionEPSS 0.3%CVE-2025-47697MEDIUMClient-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass aEPSS 0.3%