Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-02 | CVE-2021-27943 | Improper Restriction of Excessive Authentication Attempts vulnerability in Vizio E50X-E1 Firmware and P65-F1 Firmware The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and mobile application is vulnerable to a brute-force attack (against only 10000 possibilities), allowing a threat actor to forcefully pair the device, leading to remote control of the TV settings and configurations. | 7.5 |
| 2021-07-30 | CVE-2021-35472 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products An issue was discovered in LemonLDAP::NG before 2.0.12. | 8.8 |
| 2021-07-25 | CVE-2021-3663 | Improper Restriction of Excessive Authentication Attempts vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts | 7.5 |
| 2021-07-21 | CVE-2020-23283 | Improper Restriction of Excessive Authentication Attempts vulnerability in MV Mconnect 02.001.00/2013.1.6.8 Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force. | 7.5 |
| 2021-07-07 | CVE-2021-20415 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Guardium Data Encryption 4.0.0.4 IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2021-07-07 | CVE-2021-32522 | Improper Restriction of Excessive Authentication Attempts vulnerability in Qsan Sanos, Storage Manager and Xevo Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to discover users’ credentials and obtain access via a brute force attack. | 9.8 |
| 2021-07-01 | CVE-2021-28127 | Improper Restriction of Excessive Authentication Attempts vulnerability in Stormshield Network Security An issue was discovered in Stormshield SNS through 4.2.1. | 7.5 |
| 2021-06-11 | CVE-2021-22915 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. | 9.8 |
| 2021-06-08 | CVE-2021-33190 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apache Apisix Dashboard 2.6 In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. | 5.3 |
| 2021-06-01 | CVE-2021-3412 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat 3Scale and 3Scale API Management It was found that all versions of 3Scale developer portal lacked brute force protections. | 7.3 |