Total
362 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-41904 | 1 Siemens | 1 Sinec Traffic Analyzer | 2024-08-14 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate user credentials or keys. | |||||
| CVE-2024-41682 | 1 Siemens | 1 Location Intelligence | 2024-08-14 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated remote attacker to conduct brute force attacks against legitimate user passwords. | |||||
| CVE-2024-39398 | 1 Adobe | 2 Commerce, Magento | 2024-08-14 | N/A | 7.4 HIGH |
| Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to perform brute force attacks and potentially gain unauthorized access to accounts. Exploitation of this issue does not require user interaction, but attack complexity is high. | |||||
| CVE-2024-38888 | 2024-08-08 | N/A | 6.8 MEDIUM | ||
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. | |||||
| CVE-2020-8827 | 1 Argoproj | 1 Argo Cd | 2024-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence. | |||||
| CVE-2021-28248 | 1 Broadcom | 1 Ehealth | 2024-08-03 | 5.0 MEDIUM | 7.5 HIGH |
| CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2023-41270 | 1 Samsung | 2 Ue40d7000, Ue40d7000 Firmware | 2024-08-02 | N/A | 4.3 MEDIUM |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools. | |||||
| CVE-2023-26756 | 1 Revive | 1 Adserver | 2024-08-02 | N/A | 7.5 HIGH |
| The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features. | |||||
| CVE-2024-25031 | 1 Ibm | 1 Storage Defender | 2024-08-01 | N/A | 6.5 MEDIUM |
| IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678. | |||||
| CVE-2023-24051 | 2024-08-01 | N/A | 9.8 CRITICAL | ||
| A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via brute force style attacks. | |||||
| CVE-2024-28833 | 1 Checkmk | 1 Checkmk | 2024-07-23 | N/A | 7.5 HIGH |
| Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. | |||||
| CVE-2024-5862 | 2024-06-24 | N/A | 7.5 HIGH | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation.This issue affects Mia-Med Health Aplication: before 1.0.14. | |||||
| CVE-2024-35747 | 1 Contact Form Builder Project | 1 Contact Form Builder | 2024-06-12 | N/A | 5.3 MEDIUM |
| Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7. | |||||
| CVE-2023-23730 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a through 2.3.0. | |||||
| CVE-2023-45009 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3. | |||||
| CVE-2023-48318 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass.This issue affects Contact Form Email: from n/a through 1.3.41. | |||||
| CVE-2023-48290 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through 1.15.20. | |||||
| CVE-2023-44235 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0. | |||||
| CVE-2023-34001 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects Hide My WP Ghost: from n/a through 5.0.25. | |||||
| CVE-2023-48745 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
| Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through 2.9. | |||||