CVE-2026-49324 Indian Scout Bobber 2025 WCM brute-force

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

PT-2026-44830

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

PT-2026-22912

Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

AMD Xilinx Run Time Lockout Insufficient Protection Vulnerability

AMD Xilinx Run Time is a standardized runtime environment developed by AMD for Xilinx FPGAs that provides a unified software interface to optimize FPGA arithmetic. AMD Xilinx Run Time suffers from a locking protection deficiency vulnerability that can be exploited by an attacker to cause reuse...

EUVD-2004-0582

Malware in sbrugna...

EUVD-2005-3285

Malware in sbrugna...

EUVD-2000-1199

Malware in sbrugna...

EUVD-2024-36399

Malicious code in bioql PyPI...

CVE-2025-5241

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unabl...

CVE-2025-5241

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unabl...

CVE-2025-5241 Denial-of-Service Vulnerability in MELSEC iQ-F Series

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series allows a remote unauthenticated attacker to lockout legitimate users for a certain period by repeatedly attempting to login with incorrect passwords. The legitimate users will be unabl...

SUSE CVE-2025-31947

Mattermost versions 10.6.x = 10.6.1, 10.5.x = 10.5.2, 10.4.x = 10.4.4, 9.11.x = 9.11.11 fail to lockout LDAP users following repeated login failures, which allows attackers to lock external LDAP accounts through repeated login failures through Mattermost...

CVE-2024-51476

IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2024-51476 IBM Concert Software information disclosure

IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2024-51476 IBM Concert Software information disclosure

IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials...

CVE-2022-32757

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 228510...

CVE-2024-55008

JATOS 3.9.4 contains a denial-of-service DoS vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the...

CVE-2024-37028

CVE-2024-37028 affects BIG-IP Next Central Manager. An unauthenticated attacker can lock out a webUI account that has never been logged in (control-plane issue only; no data plane exposure). Affected: BIG-IP Next Central Manager 20.1.0–20.2.0; Fix: 20.2.1 (see F5 advisory K000139938). CVSS detail...

Access Restriction Bypass

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Access Restriction Bypass. A vulnerability exist...

Account Lockout Vulnerability in Oblix NetPoint v5.2

Name: Oblix NetPoint 5.2 Account Lockout Bug Vendor: Oblix Homepage: http://www.oblix.com/products/netpoint/inde x.html Versions: Confirmed on v5.2, probable on earlier versions Severity: Medium to High Risk Description: "Oblix NetPoint creates a unified e-business infrastructure by providing an...