Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-23 | CVE-2024-38176 | An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network. | 8.1 |
| 2024-06-24 | CVE-2024-5862 | Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. | 7.5 |
| 2024-06-10 | CVE-2024-35747 | Improper Restriction of Excessive Authentication Attempts vulnerability in Contact Form Builder Project Contact Form Builder Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7. | 5.3 |
| 2024-06-10 | CVE-2024-28833 | Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk 2.3.0 Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. | 7.5 |
| 2024-02-22 | CVE-2024-1104 | An unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb the webservice for all users. | 7.5 |
| 2024-02-09 | CVE-2023-45190 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Engineering Lifecycle Optimization 7.0.2/7.0.3 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
| 2024-02-09 | CVE-2023-45191 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Engineering Lifecycle Optimization 7.0.2/7.0.3 IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2024-02-02 | CVE-2023-38273 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2024-02-02 | CVE-2023-50326 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2024-01-25 | CVE-2023-33759 | Improper Restriction of Excessive Authentication Attempts vulnerability in Splicecom Maximiser Soft PBX SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack. | 9.8 |