Vulnerabilities > Improper Restriction of Excessive Authentication Attempts

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-06-08 | CVE-2023-34243 | Improper Restriction of Excessive Authentication Attempts vulnerability in Tgstation13 Tgstation-Server | TGstation is a toolset to manage production BYOND servers. | network | low complexity | tgstation13 | CWE-307 | 5.3 |
| 2023-06-01 | CVE-2023-33754 | Improper Restriction of Excessive Authentication Attempts vulnerability in Inpiazza Cloud Wifi | The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing attackers to brute force valid user accounts to gain access to login credentials. | network | low complexity | inpiazza | CWE-307 | 6.5 |
| 2023-05-30 | CVE-2023-23755 | Improper Restriction of Excessive Authentication Attempts vulnerability in Joomla Joomla! | An issue was discovered in Joomla! 4.2.0 through 4.3.1. | network | low complexity | joomla | CWE-307 | 7.5 |
| 2023-05-26 | CVE-2023-32319 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server | Nextcloud server is an open source personal cloud implementation. | network | low complexity | nextcloud | CWE-307 | 6.5 |
| 2023-05-25 | CVE-2023-32074 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud User Oidc | user_oidc app is an OpenID Connect user backend for Nextcloud. | network | low complexity | nextcloud | CWE-307 | critical, 9.8 |
| 2023-04-15 | CVE-2022-2525 | Improper Restriction of Excessive Authentication Attempts vulnerability in Janeczku Calibre-Web | Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20. | network | low complexity | janeczku | CWE-307 | critical, 9.8 |
| 2023-04-14 | CVE-2023-26756 | Improper Restriction of Excessive Authentication Attempts vulnerability in Revive Adserver 5.4.1 | The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. | network | low complexity | revive | CWE-307 | 7.5 |
| 2023-04-13 | CVE-2023-27746 | Improper Restriction of Excessive Authentication Attempts vulnerability in Blackvue Dr750-2Ch IR LTE Firmware and Dr750-2Ch LTE Firmware | BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted. | network | low complexity | blackvue | CWE-307 | critical, 9.8 |
| 2023-04-11 | CVE-2022-43947 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortios and Fortiproxy | An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions. | network | low complexity | fortinet | CWE-307 | 8.8 |
| 2023-04-10 | CVE-2023-29005 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dpgaspar Flask-Appbuilder | Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. | network | low complexity | dpgaspar | CWE-307 | 7.5 |