Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-26 | CVE-2023-5754 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sielco products Sielco PolyEco1000 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full control of the system. | 9.8 |
2023-10-26 | CVE-2023-42769 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sielco products The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter. | 9.8 |
2023-10-25 | CVE-2023-46123 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fit2Cloud Jumpserver jumpserver is an open source bastion machine, professional operation and maintenance security audit system that complies with 4A specifications. | 5.3 |
2023-10-23 | CVE-2023-27152 | Improper Restriction of Excessive Authentication Attempts vulnerability in Opnsense 23.1 DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication. | 9.8 |
2023-10-23 | CVE-2023-37635 | Improper Restriction of Excessive Authentication Attempts vulnerability in Uvdesk Community-Skeleton 1.1.1 UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. | 9.8 |
2023-10-19 | CVE-2022-24402 | Improper Restriction of Excessive Authentication Attempts vulnerability in Midnightblue Tetra:Burst The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks. | 7.5 |
2023-10-16 | CVE-2023-45149 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Talk Nextcloud talk is a chat module for the Nextcloud server platform. | 4.3 |
2023-10-16 | CVE-2023-45148 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud is an open source home cloud server. | 4.3 |
2023-10-13 | CVE-2023-39960 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 7.5 |
2023-10-11 | CVE-2023-44111 | Improper Restriction of Excessive Authentication Attempts vulnerability in Huawei Emui and Harmonyos Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |