6 matches found
CVE-2025-48016
OpenFlow discovery protocol can exhaust resources because it is not rate limited...
CVE-2023-51339
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Event Ticketing System v1.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages...
CVE-2023-51297
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages...
CVE-2024-45404 OpenCTI's lack of Rate Limit leads to OTP brute forcing
OpenCTI is an open-source cyber threat intelligence platform. In versions below 6.2.18, because the function to limit the rate of OTP does not exist, an attacker with valid credentials or a malicious user who commits internal fraud can break through the two-factor authentication and hijack the...
CVE-2024-7294 Uncontrolled resource consumption of anonymous endpoints
In Progress® Telerik® Report Server versions prior to 2024 Q3 10.2.24.806, an HTTP DoS attack is possible on anonymous endpoints without rate limiting...
Zammad Access Control Error Vulnerability (CNVD-2023-9782629)
Zammad is a suite of ticket management software from the German company Zammad. An access control error vulnerability exists in Zammad, which stems from a lack of rate limiting in the email address verification function, and can be exploited by an attacker to potentially send many requests to a...