Vulnerabilities > Improper Restriction of Excessive Authentication Attempts
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-36917 | Improper Restriction of Excessive Authentication Attempts vulnerability in SAP Businessobjects Business Intelligence 420/430 SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. | 7.5 |
| 2023-07-10 | CVE-2023-3605 | Improper Restriction of Excessive Authentication Attempts vulnerability in PHPgurukul Online Shopping Portal 1.0 A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. | 9.1 |
| 2023-07-10 | CVE-2023-35697 | Improper Restriction of Excessive Authentication Attempts vulnerability in Sick Icr890-4 Firmware Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials. | 7.5 |
| 2023-07-06 | CVE-2023-33868 | Improper Restriction of Excessive Authentication Attempts vulnerability in Piigab M-Bus 900S Firmware The number of login attempts is not limited. | 9.8 |
| 2023-06-28 | CVE-2023-32224 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dsl-224 Firmware 3.0.10 D-Link DSL-224 firmware version 3.0.10 CWE-307: Improper Restriction of Excessive Authentication Attempts | 9.8 |
| 2023-06-23 | CVE-2023-35172 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. | 9.1 |
| 2023-06-22 | CVE-2023-32320 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. | 7.5 |
| 2023-06-15 | CVE-2022-32757 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Directory Suite VA 8.0.1/8.0.1.19 IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2023-06-13 | CVE-2022-42478 | Improper Restriction of Excessive Authentication Attempts vulnerability in Fortinet Fortisiem An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints. | 8.8 |
| 2023-06-09 | CVE-2023-3173 | Improper Restriction of Excessive Authentication Attempts vulnerability in Froxlor Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20. | 9.8 |