Flaws of type CWE-307

411 results
CVE-2023-27172 | CRITICAL | Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to s | EPSS 0.7%
CVE-2023-49810 | HIGH | A login attempt restriction bypass vulnerability exists in the checkLoginAttempts functionality of WWBN AVideo dev master commit 15fed957fb. | EPSS 0.7%
CVE-2022-43904 | HIGH | IBM Security Guardium information disclosure | EPSS 0.7%
CVE-2023-50326 | HIGH | IBM PowerSC information Disclosure | EPSS 0.7%
CVE-2023-45191 | HIGH | IBM Engineering Lifecycle Optimization information disclosure | EPSS 0.7%
CVE-2021-38474 | MEDIUM | InHand Networks IR615 Router | EPSS 0.7%
CVE-2022-2650 | HIGH | Improper Restriction of Excessive Authentication Attempts in wger-project/wger | EPSS 0.7%
CVE-2023-33754 | MEDIUM | The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, | EPSS 0.7%
CVE-2023-0860 | HIGH | Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer | EPSS 0.7%
CVE-2024-42466 | CRITICAL | Lack of resources and rate limiting - login | EPSS 0.7%
CVE-2023-35697 | MEDIUM | Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials | EPSS 0.7%
CVE-2023-24020 | HIGH | Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a lo | EPSS 0.6%
CVE-2025-6029 | CRITICAL | KIA-branded Aftermarket Generic Smart Keyless Entry System Replay Attack | EPSS 0.6%
CVE-2023-0574 | MEDIUM | Server-Side Request Forgery | EPSS 0.6%
CVE-2025-8927 | MEDIUM | mtons mblog Verification Code send_code excessive authentication | EPSS 0.6%
CVE-2024-12039 | HIGH | Improper Restriction of Excessive Authentication Attempts in langgenius/dify | EPSS 0.6%
CVE-2022-32515 | HIGH | A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over | EPSS 0.6%
CVE-2024-43042 | CRITICAL | Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. | EPSS 0.6%
CVE-2022-43377 | HIGH | A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brut | EPSS 0.6%
CVE-2023-29005 | HIGH | No Rate Limiting on Login AUTH DB | EPSS 0.6%