Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
•added 2026/04/01 5:3 p.m.•5 views

CVE-2026-33580

OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication that allows attackers to brute-force weak shared secrets. Attackers who can reach the webhook endpoint can exploit this to forge inbound webhook events by repeatedly attempting...

6.5CVSS5.9AI score0.00365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/01/09 11:16 a.m.•12 views

CVE-2021-0889

In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12...

10CVSS7.4AI score0.01602EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2025/08/02 8:23 p.m.•9 views

CVE-2025-54834

OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place...

6.9CVSS6.5AI score0.0049EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2025/02/19 12:0 a.m.•9 views

CVE-2023-51301

A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service DoS via a large amount of generated e-mail messages...

7.5AI score0.00679EPSS
Exploits2References2
RedhatCVE
RedhatCVE
•added 2025/02/14 1:20 p.m.•7 views

CVE-2024-57603

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...

6.3CVSS7AI score0.0043EPSS
Exploits1References1
CVE
CVE
•added 2025/02/12 12:0 a.m.•78 views

CVE-2024-57603

CVE-2024-57603 affects MaysWind ezBookkeeping 0.7.0 and describes privilege escalation via lack of rate limiting. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) yields a base score of 6.3 (MEDIUM) with network attack vector, low confidentiality/integrity/availability impact, and low pr...

6.3CVSS7.2AI score0.0043EPSS
Exploits1References2Affected Software1
NVD
NVD
•added 2024/11/14 6:15 p.m.•33 views

CVE-2024-4311

zenml-io/zenml version 0.56.4 is vulnerable to an account takeover due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the...

5.4CVSS0.00456EPSS
Exploits1References2
Hacker One
Hacker One
•added 2024/09/29 1:44 p.m.•9 views

U.S. Dept Of Defense: Lack of rate limiting in https://███/PKI/PassReset.aspx leads to PII disclosure and potential account takeover

The password reset functionality of AFPC Secure allowed users to provide their Social Security Account Number SSAN and Mother's Maiden Name to reset their password. The issue was that the system informed the user if the SSAN was associated with an active PKI credential, leading to potential...

7AI score
Exploits0
OSV
OSV
•added 2021/04/28 9:15 p.m.•15 views

CVE-2020-22785

Etherpad 1.8.3 is affected by a missing lock check which could cause a denial of service. Aggressively targeting random pad import endpoints with empty data would flatten all pads due to lack of rate limiting and missing ownership check...

7.5CVSS6.7AI score
Exploits0References1
Hacker One
Hacker One
•added 2020/08/20 3:43 p.m.•322 views

Yelp: Email flooding using user invitation feature in biz.yelp.com due to lack of rate limiting

Summary: Hello everyone, The feature to invite users to manage your business has no rate limiting or captcha implemented. Therefore, a malicious user can use this to mail bomb any email's inbox with invitation requests. Platforms Affected: biz.yelp.com Steps To Reproduce: This is a pretty straigh...

7AI score
Exploits0
Rows per page
Query Builder