CWE-602
Medium likelihoodClient-Side Enforcement of Server-Side Security
The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
118 vulnerabilities with CWE-602
CVE-2023-0581
MEDIUM
PrivateContent WordPress <8.4.3 - Auth Bypass
CVSS 5.3
CVE-2022-3310
MEDIUM
Google Chrome <106.0.5249.62 - Privilege Escalation
CVSS 6.5
CVE-2022-3308
HIGH
Google Chrome <106.0.5249.62 - Sandbox Escape
CVSS 7.4
CVE-2022-3047
MEDIUM
Google Chrome <105.0.5195.52 - Privilege Escalation
CVSS 6.5
CVE-2022-1525
CRITICAL
Cognex 3D-A1000 Dimensioning System <1.0.3 (3354) - Auth Bypass
CVSS 9.1
CVE-2022-31233
MEDIUM
Unisphere for PowerMax <9.2.3.15 - Privilege Escalation
CVSS 6.3
CVE-2022-20658
CRITICAL
Cisco Unified CCMP/CCDM - Privilege Escalation
CVSS 9.6
CVE-2021-36338
MEDIUM
Unisphere for PowerMax <9.2.2.2 - Privilege Escalation
CVSS 6.3
CVE-2021-21544
LOW
Dell EMC iDRAC9 < 4.40.00.00 - Authenticated Username Manipulation via Comment Section
CVSS 2.7
CVE-2021-21531
HIGH
Dell Unisphere for PowerMax <9.2.1.6 - Auth Bypass
CVSS 8.1
CVE-2020-27268
MEDIUM
SOOIL Developments Co., Ltd Diabecare RS - Auth Bypass
CVSS 6.5
CVE-2020-24683
CRITICAL
S+ Operations <2.1 SP1 - Auth Bypass
CVSS 9.8
CVE-2020-5345
MEDIUM
Dell EMC Unisphere for PowerMax < 9.1.0.17 - Authenticated Authorization Bypass
CVSS 6.4
CVE-2020-8162
HIGH
Rails <5.2.4.2, <6.0.3.1 - Info Disclosure
CVSS 7.5
CVE-2017-12161
HIGH
Keycloak < 3.4.2 - Password Reset Token Spoofing via Hosts File Manipulation
CVSS 8.8
CVE-2017-14013
MEDIUM
ProMinent MultiFLEX M10a - Privilege Escalation
CVSS 5.6
CVE-2014-2374
AXN-NET Ethernet module accessory 3.04 - Info Disclosure
CVE-2014-2373
AXN-NET Ethernet module accessory 3.04 - Info Disclosure
Details
Vulnerabilities
118
Exploit Likelihood
Medium