Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-06 | CVE-2021-38155 | Improper Restriction of Excessive Authentication Attempts vulnerability in Openstack Keystone OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). | 7.5 |
| 2021-08-02 | CVE-2021-27943 | Improper Restriction of Excessive Authentication Attempts vulnerability in Vizio E50X-E1 Firmware and P65-F1 Firmware The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and mobile application is vulnerable to a brute-force attack (against only 10000 possibilities), allowing a threat actor to forcefully pair the device, leading to remote control of the TV settings and configurations. | 7.5 |
| 2021-07-30 | CVE-2021-35472 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products An issue was discovered in LemonLDAP::NG before 2.0.12. | 8.8 |
| 2021-07-25 | CVE-2021-3663 | Improper Restriction of Excessive Authentication Attempts vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts | 7.5 |
| 2021-07-21 | CVE-2020-23283 | Improper Restriction of Excessive Authentication Attempts vulnerability in MV Mconnect 02.001.00/2013.1.6.8 Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force. | 7.5 |
| 2021-07-07 | CVE-2021-20415 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Guardium Data Encryption 4.0.0.4 IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2021-07-01 | CVE-2021-28127 | Improper Restriction of Excessive Authentication Attempts vulnerability in Stormshield Network Security An issue was discovered in Stormshield SNS through 4.2.1. | 7.5 |
| 2021-06-11 | CVE-2021-22915 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. | 9.8 |
| 2021-06-08 | CVE-2021-33190 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apache Apisix Dashboard 2.6 In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. | 5.3 |
| 2021-05-26 | CVE-2021-22737 | Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack. | 9.8 |