Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-15577 | Improper Restriction of Excessive Authentication Attempts vulnerability in Gitlab An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclosed via groups browsing. | 4.3 |
| 2019-12-16 | CVE-2019-18261 | Improper Restriction of Excessive Authentication Attempts vulnerability in Omron PLC CJ Firmware, PLC CS Firmware and PLC NJ Firmware In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks. | 9.8 |
| 2019-12-06 | CVE-2019-16670 | Improper Restriction of Excessive Authentication Attempts vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
| 2019-12-03 | CVE-2013-2228 | Improper Restriction of Excessive Authentication Attempts vulnerability in Saltstack 0.14.0/0.14.1/0.15.0 SaltStack RSA Key Generation allows remote users to decrypt communications | 8.1 |
| 2019-11-29 | CVE-2019-5309 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Honor Play Firmware Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . | 4.6 |
| 2019-11-29 | CVE-2019-5263 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Hisuite and Hwbackup HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. | 5.5 |
| 2019-11-15 | CVE-2019-18986 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pimcore Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users. | 7.5 |
| 2019-11-15 | CVE-2019-18985 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pimcore Pimcore before 6.2.2 lacks brute force protection for the 2FA token. | 9.8 |
| 2019-11-04 | CVE-2013-2257 | Improper Restriction of Excessive Authentication Attempts vulnerability in Cryptocat Project Cryptocat Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness | 7.5 |
| 2019-10-14 | CVE-2019-12941 | Improper Restriction of Excessive Authentication Attempts vulnerability in Autopi 4G/Lte Firmware and Wi-Fi/Nb Firmware AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. | 9.8 |