Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2021-27782 Improper Restriction of Excessive Authentication Attempts vulnerability in Hcltech Bigfix Mobile 2.0
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced.
network
low complexity
hcltech CWE-307
7.5
2023-01-10 CVE-2022-38491 Improper Restriction of Excessive Authentication Attempts vulnerability in Easyvista Service Manager 2020.2.125.3/2022.1.109.0.03
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03.
network
low complexity
easyvista CWE-307
7.5
2022-12-28 CVE-2022-4797 Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1.
network
low complexity
CWE-307
4.3
2022-12-26 CVE-2022-26964 Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack.
network
low complexity
CWE-307
7.5
2022-12-25 CVE-2022-45893 Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative and high-privileged user accounts by changing the value of the ON cookie.
network
low complexity
CWE-307
8.8
2022-11-30 CVE-2022-23746 Improper Restriction of Excessive Authentication Attempts vulnerability in Checkpoint SSL Network Extender
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX).
network
low complexity
checkpoint CWE-307
7.5
2022-11-24 CVE-2022-2650 Improper Restriction of Excessive Authentication Attempts vulnerability in Wger
Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.
network
low complexity
wger CWE-307
critical
9.8
2022-11-23 CVE-2022-37772 Improper Restriction of Excessive Authentication Attempts vulnerability in Maarch RM
Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application.
network
low complexity
maarch CWE-307
7.5
2022-11-16 CVE-2022-2166 Improper Restriction of Excessive Authentication Attempts vulnerability in Joinmastodon Mastodon
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon prior to 4.0.0.
network
low complexity
joinmastodon CWE-307
critical
9.8
2022-11-15 CVE-2022-4006 Improper Restriction of Excessive Authentication Attempts vulnerability in Wbce CMS
A vulnerability, which was classified as problematic, has been found in WBCE CMS.
network
low complexity
wbce CWE-307
7.5