17 matches found
PT-2026-40072
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M1 through 11.0.21; Apache Tomcat versions 10.1.0-M1 through 10.1.54; Apache Tomcat versions 9.0.0.M1 through 9.0.117; Apache Tomcat versions 8.5.0 through 8.5.100; Apache Tomcat versions 7.0.0 through 7.0.109...
CVE-2025-60772
Improper authentication in the web-based management interface of NETLINK HG322G V1.0.00-231017 allows a remote unauthenticated attacker to escalate privileges and lock out the legitimate administrator via crafted HTTP requests...
EUVD-2018-16642
Malware in sbrugna...
F5 BIG-IP Next Central Manager Security Vulnerability
F5 BIG-IP Next Central Manager is a centralized console from F5 USA. A security vulnerability exists in F5 BIG-IP Next Central Manager that could allow an attacker to lock out accounts that have never logged in...
CVE-2020-15770
An issue was discovered in Gradle Enterprise 2018.5. An attacker can potentially make repeated attempts to guess a local user's password, due to lack of lock-out after excessive failed logins...
PT-2020-14617 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise version 2018.5 Description: An issue was discovered that allows an attacker to make repeated attempts to guess a local user's password due to the lack of lock-out after excessive failed logins. Recommendations: For Gradle...
Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover
Two critical severity bugs have been publicly disclosed that impact Amcrest HDSeries model IPM-721S cameras. Both vulnerabilities open the consumer-grade $50 Wi-Fi cameras to complete takeover by remote, unauthenticated attackers. Mandar Satam, senior security researcher at Synopsys, found the si...
Denial Of Service (DoS)
privacyIDEA is vulnerable to denial of service (DoS) attacks. The library does not properly validate the user parameter, allowing a malicious user to pass an HTTP request with an empty user parameter to quickly trigger the 10-attempt limit lock out...
Siemens SICLOCK TC Product Bypass Certification Vulnerability (CNVD-2018-12506)
The SICLOCK product line offers components for synchronizing plant and system time. An authentication bypass vulnerability exists in Siemens SICLOCK TC products. An attacker with administrative access to the device management interface could lock out legitimate users...
CVE-2018-4856
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
Design/Logic Flaw
A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users...
Facebook Glitch Locks Out Accounts
A bug in an account verification system used by Facebook resulted in a wave of account suspensions Tuesday that had users locked out of the world’s largest social network and scratching their heads over the reason. Facebook discovered a bug in a system designed to detect and disable fake accounts...
sudo is decorated with global decorator
The reasoning behind preventing theme developers from theming the admin areas was because if you don't know what you are doing then you can mess things up to such an extent that you are unable to use Confluence. By decorating the sudo login pages using the global decorator it exposes the user to...
CVE-2005-4274
Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service (user account lock out) via unknown attack vectors related to "authentication mechanisms" and "form input."...
CVE-2005-4274
CVE-2005-4274 affects Business Objects WebIntelligence 6.5x. The vulnerability permits remote attackers to cause a denial of service (user account lockout) via unknown attack vectors related to authentication mechanisms and form input. The available sources describe the issue but do not provide c...
CVE-2005-4274
Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service (user account lock out) via unknown attack vectors related to "authentication mechanisms" and "form input."...
WebEOC account lock-out policy may allow a denial-of-service
Overview: WebEOC account lock out policy may allow a remote attacker to disable user and system accounts resulting in a denial-of-service condition. Description: WebEOC is a web-based crisis information management application that provides functions to gather, coordinate, and disseminate informatio...