Lucene search
+L

1189 matches found

CNNVD
CNNVD
added 2026/02/27 12:0 a.m.10 views

EV Energy 安全漏洞

EV Energy is an electric vehicle charging software platform operated by the British company EV Energy. There is a security vulnerability within EV Energy; this vulnerability stems from the lack of restrictions on the number of authentication requests, which could lead to denial-of-service attacks...

9.8CVSS5.8AI score0.00487EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.10 views

Chargemap 安全漏洞

Chargemap is a electric vehicle service platform website operated by the French company Chargemap. Chargemap has a security vulnerability, which stems from the lack of an authentication request limit on the WebSocket API. This vulnerability could lead to denial-of-service attacks or brute-force...

9.8CVSS5.8AI score0.00477EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.8 views

PT-2026-22240

Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable an attacke...

9.8CVSS6AI score0.00465EPSS
Exploits0References8
OSV
OSV
added 2026/02/24 4:24 p.m.5 views

CVE-2026-27521

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...

7.5CVSS5.8AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/24 3:8 p.m.21 views

CVE-2026-27521 Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...

7.5CVSS0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.10 views

PT-2026-21759

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The Binardat 10G08-0800GSM network switch firmware does not implement rate limiting or account lockout mechanisms for login attempts. This allows for...

7.5CVSS5.2AI score0.00246EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.14 views

Doruk Wispotter 安全漏洞

Doruk Wispotter is a WiFi hotspot management and marketing system developed by the Turkish company Doruk. Versions of Wispotter from 1.0 up to v2025.10.08.1 contained security vulnerabilities. These vulnerabilities were due to improper restrictions on authentication attempts and inadequate...

5.3CVSS5.8AI score0.00236EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 12:30 p.m.4 views

GHSA-5CX4-W4FH-FR57 Moodle Affected by Improper Restriction of Excessive Authentication Attempts

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References5
OSV
OSV
added 2026/02/03 11:15 a.m.7 views

UBUNTU-CVE-2025-67853

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/03 10:52 a.m.7 views

EUVD-2025-206748

A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.5 views

PT-2026-5962

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw exists in Moodle related to insufficient rate limiting within the confirmation email service. This allows attackers to more easily enumerate or guess user credentials, potentially...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.10 views

Tenda W30E security vulnerabilities

The Tenda W30E is a router produced by the Chinese company Tenda. Versions of the Tenda W30E such as V2 and V16.01.0.195037 have security vulnerabilities. These vulnerabilities stem from the lack of rate limiting or account locking mechanisms in the authentication endpoints, which may lead to...

9.8CVSS5.8AI score0.00418EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/24 3:17 p.m.9 views

CVE-2025-4319

Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The...

9.4CVSS5.3AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

EVMAPA security vulnerabilities

EVMAPA is a navigation app for electric vehicle charging stations developed by Daniel Jurik. EVMAPA has a security vulnerability, which stems from the lack of a limit on the number of user authentication attempts. This could lead to denial-of-service attacks or brute-force attacks...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3
CVE
CVE
added 2026/01/10 1:6 a.m.14 views

CVE-2026-22603

CVE-2026-22603 affects OpenProject before version 16.6.2. The vulnerability is due to an unauthenticated password-change endpoint (/account/change_password) that lacked the same brute-force protections as the login form. An attacker who can guess or enumerate user IDs can send unlimited password-...

6.9CVSS6.7AI score0.0022EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.10 views

CVE-2003-1363

The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port 9999, which allows remote attackers to mount brute force attacks on the administration console without detection...

6.4CVSS7.1AI score0.01173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.7 views

CVE-2021-33563

Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. This might make brute-force attacks easier...

7.5CVSS7AI score0.00794EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.12 views

CVE-2021-22309

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

7.5CVSS6.3AI score0.00767EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.9 views

CVE-2022-35490

Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force attacks trying to guess login credentials. After a configurable amount of attempts, users are invalidated and logins prevented. An attacker might work around this prevention, enabling them to send more...

9.8CVSS6.9AI score0.00762EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:40 a.m.13 views

CVE-2022-35143

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks...

9.8CVSS6.9AI score0.01318EPSS
Exploits3References1
Rows per page
Query Builder