Total
291 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-25031 | 2024-07-01 | N/A | 6.5 MEDIUM | ||
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678. | |||||
CVE-2024-5862 | 2024-06-24 | N/A | 7.5 HIGH | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation.This issue affects Mia-Med Health Aplication: before 1.0.14. | |||||
CVE-2024-28022 | 2024-06-13 | N/A | 6.5 MEDIUM | ||
A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to the targeted account. | |||||
CVE-2024-28833 | 1 Tribe29 | 1 Checkmk | 2024-06-12 | N/A | 7.5 HIGH |
Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms. | |||||
CVE-2024-35747 | 1 Contact Form Builder Project | 1 Contact Form Builder | 2024-06-12 | N/A | 5.3 MEDIUM |
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7. | |||||
CVE-2021-28248 | 1 Broadcom | 1 Ehealth | 2024-06-04 | 5.0 MEDIUM | 7.5 HIGH |
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-23730 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a through 2.3.0. | |||||
CVE-2023-44235 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0. | |||||
CVE-2023-45009 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3. | |||||
CVE-2023-48745 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through 2.9. | |||||
CVE-2023-34001 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects Hide My WP Ghost: from n/a through 5.0.25. | |||||
CVE-2023-48290 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through 1.15.20. | |||||
CVE-2023-48318 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass.This issue affects Contact Form Email: from n/a through 1.3.41. | |||||
CVE-2023-48276 | 2024-06-04 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Functionality Bypass.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1. | |||||
CVE-2023-26756 | 1 Revive | 1 Adserver | 2024-05-29 | N/A | 7.5 HIGH |
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features. | |||||
CVE-2023-36434 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-05-29 | N/A | 9.8 CRITICAL |
Windows IIS Server Elevation of Privilege Vulnerability | |||||
CVE-2023-21709 | 1 Microsoft | 1 Exchange Server | 2024-05-29 | N/A | 9.8 CRITICAL |
Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||
CVE-2024-32720 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56. | |||||
CVE-2024-32774 | 2024-05-17 | N/A | 4.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality.This issue affects ProfileGrid : from n/a through 5.8.2. | |||||
CVE-2024-32676 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in LoginPress LoginPress Pro allows Removing Important Client Functionality.This issue affects LoginPress Pro: from n/a before 3.0.0. |