60 matches found
PT-2026-33926
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
WordPress plugin User Activity Log security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2025-44807
Name of the Vulnerable Software and Affected Versions: Abilis CPX (affected versions not specified). Description: An attacker can gain access to a restricted shell on an unconfigured Abilis CPX device by repeatedly failing to authenticate via SSH. Specifically, after three unsuccessful authentication...
CVE-2025-55067
The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...
CVE-2025-34155 Tibbo AggreGate Network Manager < 6.40.05 Login Functionality User Enumeration
Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...
EUVD-2021-21866
Malware in sbrugna...
EUVD-2002-0253
Malware in sbrugna...
EUVD-2020-6020
Malware in sbrugna...
CVE-2025-58582
If a user tries to log in but the provided credentials are incorrect, a log entry is created. The data for this POST request is not validated, and it's possible to send giant payloads which are then logged...
PT-2025-40866
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: The application reveals whether a username exists during failed login attempts by returning different error messages for incorrect passwords versus non-existent usernames. This enables an attacker to...
EUVD-2025-15150
Malicious code in bioql PyPI...
CVE-2025-54860
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device such as firmware upgrades and device reboot requiring an authentication. A wrong management of login failures of the service allows a...
CVE-2025-54860 Cognex In-Sight Explorer and In-Sight Camera Firmware Improper Restriction of Excessive Authentication Attempts
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device such as firmware upgrades and device reboot requiring an authentication. A wrong management of login failures of the service allows a...
CVE-2025-55068
CVE-2025-55068 affects Dover Fueling Solutions ProGauge MagLink LX4 Devices (and related MAGLINK LX products noted in connected sources). The vulnerability arises from the devices’ handling of Unix time values beyond a certain point, allowing a network-available attacker to manually adjust the sy...
Cognex multiple products security vulnerability
Cognex In-Sight Explorer and Cognex In-Sight Camera Firmware are both products of Cognex Corporation, U.S.A. Cognex In-Sight Explorer is a tool that has the ability to debug and program the software of its line of smart cameras. Cognex In-Sight Camera Firmware is firmware for a range of smart...
SUSE CVE-2025-31947
Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to lockout LDAP users following repeated login failures, which allows attackers to lock external LDAP accounts through repeated login failures through Mattermost...
GO-2025-3692 Mattermost Fails to Lockout LDAP Users After Repeated Login Failures in github.com/mattermost/mattermost-server
Mattermost Fails to Lockout LDAP Users After Repeated Login Failures in github.com/mattermost/mattermost-server...
CVE-2020-13805
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures...
GHSA-QGWX-RFFP-6CX9 Mattermost Fails to Lockout LDAP Users After Repeated Login Failures
Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4.4, 9.11.x <= 9.11.11 fail to lockout LDAP users following repeated login failures, which allows attackers to lock external LDAP accounts through repeated login failures through Mattermost...
Overly Restrictive Account Lockout Mechanism
Overview: Affected versions of this package are vulnerable to Overly Restrictive Account Lockout Mechanism due to the failure in the lockout mechanism for LDAP users after multiple unsuccessful login attempts. An attacker can cause a denial of service by repeatedly attempting to log in with...