Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brute force vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions prior to 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote malicious users to conduct brute force guessing attacks against cryptographic keys.
Openssl Openssl
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
3 EDB exploits
22 Github repositories
NA
CVE-2005-2977
The SELinux version of PAM prior to 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.
Pam Pam
NA
CVE-2013-2028
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 up to and including 1.4.0 allows remote malicious users to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an i...
F5 Nginx
Fedoraproject Fedora 19
4 EDB exploits
7 Github repositories
NA
CVE-2003-0831
ProFTPD 1.2.7 up to and including 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote malicious users to execute arbitrary code via a buffer overflow using certain files.
Proftpd Project Proftpd 1.2.7
Proftpd Project Proftpd 1.2.9 Rc2
Proftpd Project Proftpd 1.2.8 Rc2
Proftpd Project Proftpd 1.2.9 Rc1
Proftpd Project Proftpd 1.2.7 Rc1
Proftpd Project Proftpd 1.2.7 Rc2
Proftpd Project Proftpd 1.2.7 Rc3
Proftpd Project Proftpd 1.2.8
Proftpd Project Proftpd 1.2.8 Rc1
3 EDB exploits
7.2
CVSSv3
CVE-2023-48764
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GuardGiant Brute Force Protection WordPress Brute Force Protection – Stop Brute Force Attacks.This issue affects WordPress Brute Force Protection – Stop Bru...
Guardgiant Guardgiant
9.8
CVSSv3
CVE-2020-11052
In Sorcery prior to 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. The brute force protection submodule will prevent a brute force attack for the defined lockout period, but once expired, protection will not be re-enabled until a user...
Sorcery Project Sorcery
NA
CVE-2024-22425
Dell RecoverPoint for Virtual Machines 5.3.x contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form...
9.8
CVSSv3
CVE-2019-14299
Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.
Ricoh Sp C250sf Firmware
Ricoh Sp C252sf Firmware
Ricoh Sp C250dn Firmware 1.05
Ricoh Sp C252dn Firmware
6.1
CVSSv3
CVE-2023-28786
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SolidWP Solid Security – Password, Two Factor Authentication, and Brute Force Protection.This issue affects Solid Security – Password, Two Factor Authentication, and Brute Force Protection:...
Solidwp Solid Security
5.9
CVSSv3
CVE-2021-27342
An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote malicious user to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack
Dlink Dir-842e Firmware
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »