Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-25 | CVE-2023-3548 | Improper Restriction of Excessive Authentication Attempts vulnerability in Johnsoncontrols IQ Wifi 6 Firmware An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack. | 9.8 |
| 2023-07-19 | CVE-2023-32657 | Improper Restriction of Excessive Authentication Attempts vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. | 7.5 |
| 2023-07-12 | CVE-2023-29301 | Improper Restriction of Excessive Authentication Attempts vulnerability in Adobe Coldfusion 2018/2021 Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. | 7.5 |
| 2023-07-11 | CVE-2023-36917 | Improper Restriction of Excessive Authentication Attempts vulnerability in SAP Businessobjects Business Intelligence 420/430 SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. | 7.5 |
| 2023-07-10 | CVE-2023-3605 | Improper Restriction of Excessive Authentication Attempts vulnerability in PHPgurukul Online Shopping Portal 1.0 A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. | 9.1 |
| 2023-07-10 | CVE-2023-35697 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sick Icr890-4 Firmware Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials. | 7.5 |
| 2023-07-06 | CVE-2023-33868 | Improper Restriction of Excessive Authentication Attempts vulnerability in Piigab M-Bus 900S Firmware The number of login attempts is not limited. | 9.8 |
| 2023-06-28 | CVE-2023-32224 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dsl-224 Firmware 3.0.10 D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts | 9.8 |
| 2023-06-23 | CVE-2023-35172 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. | 9.1 |
| 2023-06-22 | CVE-2023-32320 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. | 7.5 |