32 matches found
EUVD-2025-84351
Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass. This iss...
CVE-2024-8429
Improper Restriction of Excessive Authentication Attempts vulnerability in Digital Operation Services WiFiBurada allows Use of Known Domain Credentials. This issue affects WiFiBurada: before 1.0.5...
CVE-2022-29056
An improper restriction of excessive authentication attempts vulnerability CWE-307 in Fortinet FortiMail version 6.4.0, version 6.2.0 through 6.2.4 and before 6.0.9 allows a remote unauthenticated attacker to partially exhaust CPU and memory via sending numerous HTTP requests to the login form...
PT-2025-14554 · Drupal · Drupal Access Code
Name of the Vulnerable Software and Affected Versions: Drupal Access code versions 0.0.0 through 2.0.3 Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts, which allows for Brute Force attacks. Recommendations: For versions 0.0.0 through 2.0.3, update...
CVE-2025-2267
The WP01 plugin for WordPress is vulnerable to Arbitrary File Download in all versions up to, and including, 2.6.2 due to a missing capability check and insufficient restrictions on the makearchive function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
CVE-2024-41904
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application does not properly enforce restriction of excessive authentication attempts. This could allow an unauthenticated attacker to conduct brute force attacks against legitimate use...
CVE-2024-38176
CVE-2024-38176 affects Microsoft GroupMe. The issue is an improper restriction of excessive authentication attempts that allows an unauthenticated, network-based attacker to achieve elevation of privileges. The description and connected sources confirm a privilege-escalation impact with high seve...
CVE-2024-37368 Rockwell Automation FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer's server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...
CVE-2024-37367 Rockwell Automation FactoryTalk® View SE v12 Information Leakage Vulnerability via Authentication Restriction
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer's server to view an HMI project. This action is allowed without proper authentication verification...
CVE-2024-2051
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the login form...
Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to multiple issues due to Eclipse Jetty.
Summary Eclipse Jetty is used by IBM Sterling Connect:Direct for UNIX in product management. IBM Sterling Connect:Direct for UNIX is impacted by vulnerabilities in Eclipse Jetty. IBM Sterling Connect:Direct for UNIX has upgraded Eclipse Jetty to version 9.4.53 to address the issues. Vulnerability...
CVE-2023-35697
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials...
CVE-2022-42478
An Improper Restriction of Excessive Authentication Attempts CWE-307 in FortiSIEM below 7.0.0 may allow a non-privileged user with access to several endpoints to brute force attack these endpoints...
CVE-2023-2675 Improper Restriction of Excessive Authentication Attempts in linagora/twake
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223...
CVE-2022-2525 Improper Restriction of Excessive Authentication Attempts in janeczku/calibre-web
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20...
CVE-2022-43947
An improper restriction of excessive authentication attempts vulnerability CWE-307 in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-forc...
CVE-2023-1539
Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2022-2166 Improper Restriction of Excessive Authentication Attempts in mastodon/mastodon
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon prior to 4.0.0...