Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-30 | CVE-2022-44022 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pwndoc Project Pwndoc PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts. | 5.3 |
| 2022-10-30 | CVE-2022-44023 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pwndoc Project Pwndoc PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by leveraging response messages for authentication attempts. | 5.3 |
| 2022-10-28 | CVE-2022-3741 | Improper Restriction of Excessive Authentication Attempts vulnerability in Chatwoot Impact varies for each individual vulnerability in the application. | 9.8 |
| 2022-10-24 | CVE-2022-39314 | Improper Restriction of Excessive Authentication Attempts vulnerability in Getkirby Kirby Kirby is a flat-file CMS. | 3.7 |
| 2022-10-18 | CVE-2022-35846 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortitester An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to guess the credentials of an admin user via a brute force attack. | 9.8 |
| 2022-10-17 | CVE-2022-40055 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gxgroup Gpon ONT Titanium 2122A Firmware T2122V1.26Exl An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate privileges via a brute force attack at the login page. | 9.8 |
| 2022-10-12 | CVE-2022-31228 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Xtremio Management Server 6.3.0/6.3.38 Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. | 9.8 |
| 2022-10-12 | CVE-2022-33106 | Improper Restriction of Excessive Authentication Attempts vulnerability in Wijungle U250 Firmware WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over. | 9.8 |
| 2022-09-28 | CVE-2022-36781 | Improper Restriction of Excessive Authentication Attempts vulnerability in Connectwise Screenconnect ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. | 5.3 |
| 2022-09-20 | CVE-2022-33735 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Ws7200-10 Firmware 11.0.2.13 There is a password verification vulnerability in WS7200-10 11.0.2.13. | 6.5 |