Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-29 | CVE-2020-27747 | Improper Restriction of Excessive Authentication Attempts vulnerability in Clickstudios Passwordstate 8.9 An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. | 6.8 |
| 2020-10-22 | CVE-2020-15906 | Improper Restriction of Excessive Authentication Attempts vulnerability in Tiki tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. | 9.8 |
| 2020-10-12 | CVE-2020-5141 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sonicwall Sonicos and Sonicosv A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. | 6.5 |
| 2020-10-05 | CVE-2020-8228 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times. | 5.3 |
| 2020-09-27 | CVE-2020-25827 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. | 7.5 |
| 2020-09-18 | CVE-2020-15770 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gradle Enterprise 2018.5 An issue was discovered in Gradle Enterprise 2018.5. | 5.5 |
| 2020-09-14 | CVE-2020-13312 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 9.8 |
| 2020-08-31 | CVE-2020-12645 | Improper Restriction of Excessive Authentication Attempts vulnerability in Open-Xchange Appsuite 7.10.1 OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption. | 9.8 |
| 2020-08-26 | CVE-2020-13617 | Improper Restriction of Excessive Authentication Attempts vulnerability in Mitel products The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts. | 7.5 |
| 2020-08-26 | CVE-2020-24007 | Improper Restriction of Excessive Authentication Attempts vulnerability in Umanni Human Resources 1.0 Umanni RH 1.0 does not limit the number of authentication attempts. | 9.8 |