Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

DATE | CVE | VULNERABILITY TITLE | RISK

2020-06-04 | CVE-2020-13835 | Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android 8.0
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software.
network | low complexity | google | CWE-307 | critical | 9.8

2020-06-04 | CVE-2020-13805 | Improper Restriction of Excessive Authentication Attempts vulnerability in Foxitsoftware Reader
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2.
network | low complexity | foxitsoftware | CWE-307 | critical | 9.8

2020-06-04 | CVE-2020-4193 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.1
IBM Security Guardium 11.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
network | low complexity | ibm | CWE-307 | critical | 9.8

2020-05-28 | CVE-2020-4232 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Identity Governance and Intelligence 5.2.6
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system.
network | low complexity | ibm | CWE-307 | 7.5

2020-05-11 | CVE-2020-12752 | Improper Restriction of Excessive Authentication Attempts vulnerability in Google Android 10.0/9.0
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software.
network | low complexity | google | CWE-307 | 7.5

2020-05-07 | CVE-2020-11052 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sorcery Project Sorcery
In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery.
network | low complexity | sorcery-project | CWE-307 | critical | 9.8

2020-05-04 | CVE-2020-10876 | Improper Restriction of Excessive Authentication Attempts vulnerability in Oklok Project Oklok 3.1.1
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts.
network | low complexity | oklok-project | CWE-307 | 7.5

2020-04-21 | CVE-2019-17525 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-615 Firmware 20.10
The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks.
network | low complexity | dlink | CWE-307 | 8.8

2020-04-08 | CVE-2020-11650 | Improper Restriction of Excessive Authentication Attempts vulnerability in Ixsystems Freenas Firmware and Truenas Firmware
An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1.
network | low complexity | ixsystems | CWE-307 | 7.5

2020-04-08 | CVE-2020-8827 | Improper Restriction of Excessive Authentication Attempts vulnerability in Argoproj Argo CD
As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures.
network | low complexity | argoproj | CWE-307 | 7.5