CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service DoS for the user if services like fail2ban are used...

CVE-2023-4509

It is possible for an API key to be logged in clear text in the audit log file after an invalid login attempt...

PT-2025-43031

Name of the Vulnerable Software and Affected Versions langgenius/dify-web version 1.6.0 Description The authentication process in the software reveals whether user accounts exist by providing different error messages depending on whether a username or email is registered. Attempting to log in or...

EUVD-2010-0023

Malware in sbrugna...

EUVD-2005-4760

Malware in sbrugna...

EUVD-2021-20297

Malware in sbrugna...

EUVD-2003-1091

Malware in sbrugna...

EUVD-2008-3764

Malware in sbrugna...

EUVD-2014-3535

Malware in sbrugna...

EUVD-2021-13954

Malware in sbrugna...

EUVD-2016-5471

Malware in sbrugna...

EUVD-2001-0056

Malware in sbrugna...

CVE-2025-58582

CVE-2025-58582 affects SICK Enterprise Analytics and SICK Logistic Analytics. The issue stems from logging POST login data without validation, allowing unusually large payloads to be recorded. This can lead to uncontrolled resource consumption and potential impact on availability, as indicated by...

EUVD-2023-54364

Malicious code in bioql PyPI...

EUVD-2022-39799

Malicious code in bioql PyPI...

CVE-2024-44762

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts...

CVE-2021-27188

The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service access suspended for five hours by making five invalid login attempts to a victim's account...

CVE-2020-15906

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts...

CVE-2020-13121

Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...

CVE-2010-5291

Amberdms Billing System ABS before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach...