EUVD-2026-33537

A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulation results in improper restriction of excessive authentication attempts. The attack may be launched...

TP-Link Archer C64 安全漏洞

The TP-Link Archer C64 is a wireless router produced by TP-Link Corporation. The TP-Link Archer C64 V1 version has a security vulnerability. This vulnerability stems from improper execution of the authentication rate limit during the debugging of the SSH service. As a result, attackers in adjacen...

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2025-36363

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2025-36363 IBM DevOps Plan is vulnerable to Excessive Authentication Attempts

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

EUVD-2025-208254

IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

PT-2026-22798

Name of the Vulnerable Software and Affected Versions IBM DevOps Plan versions 3.0.0 through 3.0.5 Description The software uses an inadequate account lockout setting, which could allow a remote attacker to brute force account credentials. Recommendations Update to a version beyond 3.0.5...

IBM DevOps Plan 安全漏洞

IBM DevOps Plan is a change management collaboration platform provided by the American multinational company International Business Machines IBM. Versions of IBM DevOps Plan 3.0.0 and earlier contained security vulnerabilities. These vulnerabilities were due to improper account locking settings,...

CVE-2020-36925 Arteco Web Client DVR/NVR Session ID Brute Force Authentication Bypass

Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID complexity that allows remote attackers to bypass authentication. Attackers can brute force session IDs within a specific numeric range to obtain valid sessions and access live camera streams without...

CVE-2020-36925

CVE-2020-36925 affects the Arteco Web Client DVR/NVR. The issue is a session hijacking vulnerability caused by insufficient session ID complexity, enabling attackers to brute‑force session IDs within a numeric range to bypass authentication and gain access to live camera streams. The available do...

Medtronic CareLink Network 安全漏洞

Medtronic CareLink Network is an open source platform for remote monitoring of cardiac patients by Medtronic in the United States. A security vulnerability exists in versions of Medtronic CareLink Network prior to December 4, 2025, which stems from a brute force attack that can be performed by an...

LogicalDOC Community Edition 安全漏洞

LogicalDOC Community Edition is a documentation system from LogicalDOC Italy. A security vulnerability exists in LogicalDOC Community Edition 9.2.1 and earlier versions, which stems from an improperly restricted authentication attempt in the file /login.jsp, which could lead to a remote brute-for...

EUVD-2025-36871

Liferay Portal vulnerable to password enumeration...

CVE-2025-62257

Password enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote attackers t...

CVE-2025-62257

CVE-2025-62257 affects Liferay Portal 7.4.0 through 7.4.3.119 and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 GA through update 92. The connected documents describe a password enumeration vulnerabilit...

CVE-2025-62257

Password enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote attackers t...

CVE-2025-36064

IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2025-36064

IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...