Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-0787 | Improper Restriction of Excessive Authentication Attempts vulnerability in PHPipam phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. | 5.9 |
| 2024-11-04 | CVE-2024-51558 | Improper Restriction of Excessive Authentication Attempts vulnerability in 63Moons Aero and Wave 2.0 This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-10-09 | CVE-2024-7292 | Improper Restriction of Excessive Authentication Attempts vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts. | 8.8 |
| 2024-10-04 | CVE-2024-47656 | Improper Restriction of Excessive Authentication Attempts vulnerability in Shilpisoft Client Dashboard This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. | 9.8 |
| 2024-09-19 | CVE-2024-47088 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-11 | CVE-2024-45790 | Improper Restriction of Excessive Authentication Attempts vulnerability in Reedos Aim-Star 2.0.1 This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-06 | CVE-2024-32771 | Improper Restriction of Excessive Authentication Attempts vulnerability in Qnap QTS and Quts Hero An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. | 2.4 |
| 2024-09-05 | CVE-2024-45589 | Improper Restriction of Excessive Authentication Attempts vulnerability in Identityautomation Rapididentity RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters. | 5.9 |
| 2024-08-28 | CVE-2021-22530 | Improper Restriction of Excessive Authentication Attempts vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. | 9.9 |
| 2024-08-16 | CVE-2024-43042 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pluck-Cms Pluck 4.7.18 Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. | 9.8 |