27 matches found
CVE-2026-10216
A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulation results in improper restriction of excessive authentication attempts. The attack may be launched...
CVE-2026-1816 OTP Bypass in TEİAŞ's Mobile Application
Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...
Schneider Electric PowerChute Serial Shutdown < 1.5 Multiple Vulnerabilities (SEVD-2026-104-01)
The version of Schneider Electric PowerChute Serial Shutdown installed on the remote host is prior to 1.5. It is, therefore, affected by multiple vulnerabilities, including: - An improper limitation of a pathname to a restricted directory vulnerability exists that could cause critical files to be...
EUVD-2026-10517
An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud...
CVE-2026-22278
Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...
CVE-2025-12547
CVE-2025-12547 affects LogicalDOC Community Edition up to 9.2.1, targeting the Admin Login Page via the file /login.jsp . The root cause is an improper restriction of excessive authentication attempts, enabling remote brute‑force style access. The issue is described as high complexity with a publ...
CVE-2025-12547 LogicalDOC Community Edition Admin Login login.jsp excessive authentication
A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability affects unknown code of the file /login.jsp of the component Admin Login Page. Such manipulation leads to improper restriction of excessive authentication attempts. The attack can be executed remotely...
EUVD-2020-7755
Malware in sbrugna...
EUVD-2024-48236
Malicious code in bioql PyPI...
CVE-2025-2411 OTP Bypass in Akinsoft's TaskPano
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass. This issue affects TaskPano: from s1.06.04 before v1.06.06...
CVE-2025-2416 OTP Bypass in Akinsoft's LimonDesk
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass. This issue affects LimonDesk: from s1.02.14 before v1.02.17...
CVE-2025-2413
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor allows Authentication Bypass. This issue affects ProKuafor: from s1.02.08 before v1.02.08...
CVE-2025-9004
A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. T...
CVE-2025-8742
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The...
CVE-2025-8742 macrozheng mall Admin Login excessive authentication
A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The...
CVE-2025-3555
A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected is an unknown function of the file /login.php. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. The...
Improper Restriction of Excessive Authentication Attempts
Overview sylius/sylius is a platform for PHP, based on Symfony framework. Affected versions of this package are vulnerable to Improper Restriction of Excessive Authentication Attempts due to improper rate limiting mechanism. An attacker can perform repeated login attempts without being restricted...
Digistar AG-30 Plus 安全漏洞
Digistar AG-30 Plus is an access gateway from Digistar that integrates a specialized router to allow communication between IP and digital technologies in a simple and secure manner. A security vulnerability exists in Digistar AG-30 Plus version 2.6b that stems from an improper restriction of...
Progress Telerik Report Server <= 10.2.24.709 Multiple Vulnerabilities (September 2024)
The version of Progress Telerik Report Server installed on the remote host is affected by multiple vulnerabilities: - A credential stuffing attack is possible through improper restriction of excessive login attempts. CVE-2024-7292 - A password brute forcing attack is possible through weak passwor...
CVE-2024-7292
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, a credential stuffing attack is possible through improper restriction of excessive login attempts...