1189 matches found
EV Energy 安全漏洞
EV Energy is an electric vehicle charging software platform operated by the British company EV Energy. There is a security vulnerability within EV Energy; this vulnerability stems from the lack of restrictions on the number of authentication requests, which could lead to denial-of-service attacks...
Chargemap 安全漏洞
Chargemap is a electric vehicle service platform website operated by the French company Chargemap. Chargemap has a security vulnerability, which stems from the lack of an authentication request limit on the WebSocket API. This vulnerability could lead to denial-of-service attacks or brute-force...
PT-2026-22240
Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable an attacke...
CVE-2026-27521
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...
CVE-2026-27521 Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...
PT-2026-21759
Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The Binardat 10G08-0800GSM network switch firmware does not implement rate limiting or account lockout mechanisms for login attempts. This allows for...
Doruk Wispotter 安全漏洞
Doruk Wispotter is a WiFi hotspot management and marketing system developed by the Turkish company Doruk. Versions of Wispotter from 1.0 up to v2025.10.08.1 contained security vulnerabilities. These vulnerabilities were due to improper restrictions on authentication attempts and inadequate...
GHSA-5CX4-W4FH-FR57 Moodle Affected by Improper Restriction of Excessive Authentication Attempts
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
UBUNTU-CVE-2025-67853
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
EUVD-2025-206748
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...
PT-2026-5962
Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw exists in Moodle related to insufficient rate limiting within the confirmation email service. This allows attackers to more easily enumerate or guess user credentials, potentially...
Tenda W30E security vulnerabilities
The Tenda W30E is a router produced by the Chinese company Tenda. Versions of the Tenda W30E such as V2 and V16.01.0.195037 have security vulnerabilities. These vulnerabilities stem from the lack of rate limiting or account locking mechanisms in the authentication endpoints, which may lead to...
CVE-2025-4319
Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The...
EVMAPA security vulnerabilities
EVMAPA is a navigation app for electric vehicle charging stations developed by Daniel Jurik. EVMAPA has a security vulnerability, which stems from the lack of a limit on the number of user authentication attempts. This could lead to denial-of-service attacks or brute-force attacks...
CVE-2026-22603
CVE-2026-22603 affects OpenProject before version 16.6.2. The vulnerability is due to an unauthenticated password-change endpoint (/account/change_password) that lacked the same brute-force protections as the login form. An attacker who can guess or enumerate user IDs can send unlimited password-...
CVE-2003-1363
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port 9999, which allows remote attackers to mount brute force attacks on the administration console without detection...
CVE-2021-33563
Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. This might make brute-force attacks easier...
CVE-2021-22309
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...
CVE-2022-35490
Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force attacks trying to guess login credentials. After a configurable amount of attempts, users are invalidated and logins prevented. An attacker might work around this prevention, enabling them to send more...
CVE-2022-35143
Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks...