Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE CVE VULNERABILITY TITLE RISK
2024-08-16 CVE-2024-42465 Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.
network
low complexity
upkeeper CWE-307
critical
9.8
2024-08-16 CVE-2024-42466 Improper Restriction of Excessive Authentication Attempts vulnerability in Upkeeper Manager
Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9.
network
low complexity
upkeeper CWE-307
critical
9.8
2024-08-14 CVE-2024-39398 Improper Restriction of Excessive Authentication Attempts vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass.
network
high complexity
adobe CWE-307
7.4
2024-08-13 CVE-2024-41682 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Location Intelligence
A vulnerability has been identified in Location Intelligence family (All versions < V4.4).
network
low complexity
siemens CWE-307
5.3
2024-08-13 CVE-2024-41904 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinec Traffic Analyzer
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0).
network
low complexity
siemens CWE-307
7.5
2024-08-06 CVE-2024-39225 Improper Restriction of Excessive Authentication Attempts vulnerability in Gl-Inet products
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a remote code execution (RCE) vulnerability.
network
low complexity
gl-inet CWE-307
critical
9.8
2024-07-12 CVE-2024-39917 Improper Restriction of Excessive Authentication Attempts vulnerability in Neutrinolabs Xrdp
xrdp is an open source RDP server.
network
low complexity
neutrinolabs CWE-307
critical
9.8
2024-07-09 CVE-2024-39873 Improper Restriction of Excessive Authentication Attempts vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens CWE-307
7.5
2024-06-11 CVE-2024-28022 Improper Restriction of Excessive Authentication Attempts vulnerability in Hitachienergy Foxman-Un and Unem
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account.
network
high complexity
hitachienergy CWE-307
6.5
2024-06-10 CVE-2024-28833 Improper Restriction of Excessive Authentication Attempts vulnerability in Checkmk 2.3.0
Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms.
network
low complexity
checkmk CWE-307
7.5