Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-13 | CVE-2023-27746 | Improper Restriction of Excessive Authentication Attempts vulnerability in Blackvue Dr750-2Ch IR LTE Firmware and Dr750-2Ch LTE Firmware: BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted. | 9.8 |
2023-04-11 | CVE-2022-43947 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortios and Fortiproxy: An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions. | 8.8 |
2023-04-10 | CVE-2023-29005 | Improper Restriction of Excessive Authentication Attempts vulnerability in Flask-Appbuilder Project Flask-Appbuilder: Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. | 7.5 |
2023-03-27 | CVE-2023-1665 | Improper Restriction of Excessive Authentication Attempts vulnerability in Linagora Twake: Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0. | 9.8 |
2023-03-27 | CVE-2023-25818 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server: Nextcloud server is an open source, personal cloud implementation. | 7.1 |
2023-03-23 | CVE-2022-36413 | Improper Restriction of Excessive Authentication Attempts vulnerability in Zohocorp Manageengine Adselfservice Plus: Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a password reset on IDM applications. | 9.1 |
2023-03-22 | CVE-2023-27100 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products: Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests. | 9.8 |
2023-03-22 | CVE-2023-25820 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server: Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. | 7.8 |
2023-03-21 | CVE-2023-1539 | Improper Restriction of Excessive Authentication Attempts vulnerability in Answer: Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6. | 5.3 |
2023-03-09 | CVE-2022-29056 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortimail: An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiMail version 6.4.0, version 6.2.0 through 6.2.4 and before 6.0.9 allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form. | 5.3 |