Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-20	CVE-2025-1496	Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse.This issue affects Coslat Hotspot: before 6.26.0.R.20250227. network low complexity CWE-307	6.5
2025-03-06	CVE-2024-51476	IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. network low complexity CWE-307	7.5
2025-03-04	CVE-2025-23368	A flaw was found in Wildfly Elytron integration. network high complexity CWE-307	8.1
2024-12-17	CVE-2024-8429	Improper Restriction of Excessive Authentication Attempts vulnerability in Digital Operation Services WiFiBurada allows Use of Known Domain Credentials.This issue affects WiFiBurada: before 1.0.5. network low complexity CWE-307	4.3
2024-12-13	CVE-2024-38488	Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. network low complexity dell CWE-307 critical	9.8
2024-11-26	CVE-2024-49597	Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. network low complexity dell CWE-307	7.2
2024-11-04	CVE-2024-51558	Improper Restriction of Excessive Authentication Attempts vulnerability in 63Moons Aero and Wave 2.0 This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. network low complexity 63moons CWE-307 critical	9.8
2024-10-09	CVE-2024-7292	Improper Restriction of Excessive Authentication Attempts vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a credential stuffing attack is possible through improper restriction of excessive login attempts. network low complexity progress CWE-307	8.8
2024-10-04	CVE-2024-47656	Improper Restriction of Excessive Authentication Attempts vulnerability in Shilpisoft Client Dashboard This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. network low complexity shilpisoft CWE-307 critical	9.8
2024-09-19	CVE-2024-47088	Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. network low complexity apexsoftcell CWE-307 critical	9.8