12 matches found
EUVD-2025-209524
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contains an improper restriction of excessive authentication attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading...
PT-2026-24242
CVE-2026-22629 An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.0...
CVE-2024-34451
Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For headers...
EUVD-2025-201495
An Improper Access Control in the SFTP service in Fortra's GoAnywhere MFT prior to version 7.9.0 allows Web Users with an Authentication Alias and a valid SSH key but limited to Password authentication for SFTP to still log in using their SSH key...
CVE-2025-11566
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary number of authentication attempts with different credentials on the /REST/shutdownnow endpoint...
CVE-2025-10928 Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Access code allows Brute Force. This issue affects Access code: from 0.0.0 before 2.0.5...
CVE-2025-8927
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...
CVE-2025-8927 mtons mblog Verification Code send_code excessive authentication
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/sendcode of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The...
eCommerce-website-in-PHP security vulnerability
eCommerce-website-in-PHP is a free and open source PHP e-commerce platform for scriptandtools individual developers. A security vulnerability exists in eCommerce-website-in-PHP version 3.0, which originates from improper restriction of authentication attempts in the file /admin/login.php...
CVE-2024-3202
A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple CMS 1.2.4. This issue affects some unknown processing of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated...
CVE-2020-7995
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts...
Corega CG-WLR300GNV and CG-WLR300GNV-W Privilege Gain Vulnerabilities
The Corega CG-WLR300GNV and CG-WLR300GNV-W are both wireless LAN routers from Corega Japan. A privilege acquisition vulnerability exists in the Corega CG-WLR300GNV and CG-WLR300GNV-W that stems from the program failing to limit the number of authentication requests. An attacker within wireless...