Lucene search
K

56 matches found

BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.8 views

The vulnerability of the user blocking mechanism of the Vault Enterprise and Vault Community Edition corporate information archiving platforms allows attackers to circumvent existing security restrictions.

The vulnerability of the user blocking mechanism in the Vault Enterprise and Vault Community Edition corporate information archiving platforms is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to circumvent existing security...

5.3CVSS5.5AI score0.00394EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/07/28 12:0 a.m.7 views

The vulnerability of the Blitz Identity Provider software lies in its insufficient limit on authentication attempts. This allows a perpetrator to register an email account to which they have no access and then verify it.

The vulnerability of the Blitz Identity Provider software is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to register a mail account that they do not have access to and then verify it...

8.7CVSS5.6AI score
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/06/21 12:0 a.m.5 views

Yealink YMCS RPS 安全漏洞

Yealink YMCS RPS is a device management cloud service platform with integrated RPS functionality from China Yealink Yealink. A security vulnerability exists in Yealink YMCS RPS versions prior to 2025-06-04, which stems from a lack of SN authentication attempt limitations that could lead to brute...

2.2CVSS6.6AI score0.0025EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/05/06 12:0 a.m.5 views

The vulnerability of the INDIGO testing system lies in the absence of restrictions on authentication attempts. This allows a perpetrator to carry out an attack using brute-force methods—automated password retrieval.

The vulnerability of the INDIGO testing system is related to the absence of restrictions on authentication attempts. Exploiting this vulnerability allows a perpetrator, operating remotely, to carry out an attack using brute-force methods automated password cracking...

7.8CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/12 12:0 a.m.6 views

The vulnerability of the MFlash secure data exchange platform lies in its insufficient authentication attempt limitation, which allows a perpetrator to gain unauthorized access to the platform.

The vulnerability of the MFlash secure messaging platform is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the platform...

10CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.8 views

The vulnerability of Dell PowerScale InsightIQ software for performance monitoring and reporting lies in its insufficient attempt-limiting mechanism for authentication. This allows a malicious actor to trigger a service failure.

The vulnerability of the software for performance monitoring and report generation in Dell PowerScale InsightIQ is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to trigger service interruptions remotely...

5.6CVSS5.5AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.7 views

The software for data protection solutions from Dell RecoverPoint for virtual machines has a vulnerability related to insufficient limits on authentication attempts. This allows attackers to carry out brute-force attacks.

The vulnerability of the Dell RecoverPoint data protection software for virtual machines relates to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to carry out a brute-force attack...

6.5CVSS5.5AI score0.00318EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.9 views

The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite lies in the insufficient limitation on authentication attempts. This allows attackers to bypass the security mechanisms.

The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to bypass security measures remotely...

7.6CVSS5.4AI score0.00559EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.10 views

The vulnerability of the Client Communication component of the Siemens SINEMA Remote Connect server allows a hacker to obtain encrypted user credentials.

The vulnerability of the Client Communication component in the Siemens SINEMA Remote Connect server is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to obtain encrypted user credentials remotely...

7.8CVSS7.2AI score0.00409EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.6 views

PT-2024-8789 · Dell · Dell Wyse Management Suite

Name of the Vulnerable Software and Affected Versions: Dell Wyse Management Suite versions WMS 4.4 and prior Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts, which could be exploited by a high privileged attacker with remote access, leading to...

7.6CVSS7.2AI score0.00559EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.6 views

The vulnerability of software solutions for optimizing production processes in Location Intelligence lies in the insufficient limitation on authentication attempts, allowing attackers to carry out attacks using brute-force methods.

The vulnerability of software for optimizing production processes in Location Intelligence is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows an attacker to carry out an attack using brute-force methods...

5.3CVSS5.4AI score0.00444EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/09/19 7:15 a.m.4 views

CVE-2024-47088

This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack on login OTP, which could lead to gain unauthorized access to...

9.8CVSS5.8AI score0.00564EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.9 views

PT-2024-28259 · Horizon Business Services Inc. · Caterease

Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. This...

6.8CVSS7.1AI score0.00189EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.4 views

PT-2024-8749 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: A vulnerability has been identified in the Client Communication component of the SINEMA Remote Connect Server, where it does not properly implement brute force protection...

8.7CVSS7.4AI score0.00409EPSS
Exploits0References7
NVD
NVD
added 2024/06/24 1:15 p.m.20 views

CVE-2024-5862

Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation. This issue affects Mia-Med Health Aplication: before 1.0.14...

7.5CVSS0.00455EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.4 views

WordPress plugin Appointment Hour Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.8AI score0.00351EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.1 views

PT-2024-4723 · Unknown · Сервис Обновлений

Name of the Vulnerable Software and Affected Versions: Сервис обновлений affected versions not specified Description: The issue is related to the web request handler of the "Сервис обновлений" software, which lacks authentication attempt restrictions. This can be exploited by a remote attacker to...

5CVSS7.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/24 12:0 a.m.7 views

PT-2024-22593 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0b5 Checkmk versions prior to 2.2.0p26 Checkmk versions prior to 2.1.0p43 Checkmk version 2.0.0 Description: The issue is related to improper restriction of excessive authentication attempts on some authenticatio...

9.8CVSS7.5AI score0.00521EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/01/25 12:0 a.m.6 views

The vulnerability of cloud-based software for creating and using Nextcloud Server’s data storage solution lies in the lack of authentication attempt limits, allowing attackers to bypass passwords.

The vulnerability of cloud-based software for creating and using Nextcloud Server storage solutions is related to the absence of restrictions on authentication attempts. Exploiting this vulnerability can allow a malicious actor to bypass any password restrictions...

7.5CVSS7.1AI score0.00602EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/10/20 12:0 a.m.7 views

The vulnerability of the application interface for WebDAV cloud software for creating and using Nextcloud data storage allows a perpetrator to gain access to confidential information.

The vulnerability of the WebDAV application programming interface of cloud-based software for creating and using Nextcloud data storage solutions is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to gain access to...

7.8CVSS7.2AI score0.00575EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder