Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-06 | CVE-2019-16670 | Improper Restriction of Excessive Authentication Attempts vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
| 2019-12-03 | CVE-2013-2228 | Improper Restriction of Excessive Authentication Attempts vulnerability in Saltstack 0.14.0/0.14.1/0.15.0 SaltStack RSA Key Generation allows remote users to decrypt communications | 8.1 |
| 2019-11-29 | CVE-2019-5309 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Honor Play Firmware Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . | 4.6 |
| 2019-11-29 | CVE-2019-5263 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Hisuite and Hwbackup HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. | 5.5 |
| 2019-11-15 | CVE-2019-18986 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pimcore Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. | 7.5 |
| 2019-11-15 | CVE-2019-18985 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pimcore Pimcore before 6.2.2 lacks brute force protection for the 2FA token. | 9.8 |
| 2019-11-04 | CVE-2013-2257 | Improper Restriction of Excessive Authentication Attempts vulnerability in Cryptocat Project Cryptocat Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness | 7.5 |
| 2019-10-14 | CVE-2019-12941 | Improper Restriction of Excessive Authentication Attempts vulnerability in Autopi 4G/Lte Firmware and Wi-Fi/Nb Firmware AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. | 9.8 |
| 2019-10-06 | CVE-2019-17240 | Improper Restriction of Excessive Authentication Attempts vulnerability in Bludit 3.9.2 bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers. | 9.8 |
| 2019-10-06 | CVE-2019-17215 | Improper Restriction of Excessive Authentication Attempts vulnerability in Vzug Combi-Stream Mslq Firmware Ethernetr07 An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. | 9.8 |