Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
brute force vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-5421
Plataformatec Devise version 4.5.0 and previous versions, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result...
Plataformatec Devise
445
VMScore
CVE-2021-22915
Nextcloud server prior to 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protectio...
Nextcloud Nextcloud Server
Fedoraproject Fedora 33
Fedoraproject Fedora 34
445
VMScore
CVE-2018-11082
Cloud Foundry UAA, all versions before 4.20.0 and Cloud Foundry UAA Release, all versions before 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user.
Pivotal Software Cloudfoundry Uaa Release
Pivotal Software Cloudfoundry Uaa
356
VMScore
CVE-2016-3650
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.
Symantec Endpoint Protection Manager
NA
CVE-2023-47102
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
Urbackup Urbackup Server 2.5.31
445
VMScore
CVE-2022-2321
Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama before 3.13.0. This results in login brute-force attacks.
Heroiclabs Nakama
445
VMScore
CVE-2018-12993
onefilecms.php in OneFileCMS through 2012-04-14 might allow malicious users to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields.
Onefilecms Onefilecms
NA
CVE-2023-35697
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote malicious user to brute-force user credentials.
Sick Icr890-4 Firmware
NA
CVE-2023-23755
An issue exists in Joomla! 4.2.0 up to and including 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.
Joomla Joomla\\!
NA
CVE-2023-27152
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing malicious users to perform a brute-force attack to bypass authentication.
Opnsense Opnsense 23.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »