CWE-307
Improper Restriction of Excessive Authentication Attempts
Parent: CWE-1390 - Weak Authentication
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
561 vulnerabilities with CWE-307
CVE-2025-0417
HIGH
Valmet DNA visualization - Info Disclosure
CVE-2025-31676
HIGH
Drupal Email TFA <2.0.3 - Auth Bypass
CVSS 8.8
CVE-2025-2911
MEDIUM
MeetMe <2024-09 - Info Disclosure
CVE-2025-1496
MEDIUM
BG-TEK Coslat Hotspot <6.26.0.R.20250227 - Auth Bypass
CVSS 6.5
CVE-2025-25595
CRITICAL
Iitb Safe - Brute Force
CVSS 9.8
CVE-2025-1714
MEDIUM
Perforce Gliffy <4.14.0-7 - Info Disclosure
CVE-2025-23368
HIGH
Redhat Wildfly Core < 31.0.3 - Brute Force
CVSS 8.1
CVE-2025-1629
LOW
Excitel App 3.13.0 - Auth Bypass
CVSS 3.5
CVE-2025-24806
LOW
Authelia < 4.38.19 - Brute Force
CVE-2025-22645
MEDIUM
Rameez Iqbal Real Estate Manager <7.3 - Auth Bypass
CVSS 5.3
CVE-2024-49342
HIGH
IBM Informix Dynamic Server - Brute Force
CVSS 7.5
CVE-2024-9342
CRITICAL
Eclipse Glassfish - Brute Force
CVSS 9.8
CVE-2024-12039
HIGH
Langgenius Dify - Brute Force
CVSS 8.1
CVE-2024-42176
LOW
Hcltech Dryice Myxalytics - Brute Force
CVSS 2.6
CVE-2024-51476
HIGH
IBM Concert Software - Brute Force
CVSS 7.5
CVE-2024-57610
HIGH
Sylius - Brute Force
CVSS 7.5
CVE-2024-23106
HIGH
Fortinet Forticlientems < 6.2.9 - Brute Force
CVSS 8.1
CVE-2024-55008
HIGH
Jatos - Brute Force
CVSS 7.5
CVE-2024-53647
MEDIUM
Trendmicro ID Security < 3.0 - Resource Allocation Without Limits
CVSS 6.5
CVE-2024-8429
MEDIUM
WiFiBurada <1.0.5 - Auth Bypass
CVSS 4.3
CVE-2024-38488
MEDIUM
Dell RecoverPoint for Virtual Machines 6.0.x - Auth Bypass
CVSS 6.5
CVE-2024-45404
HIGH
OpenCTI <6.2.18 - Privilege Escalation
CVSS 8.1
CVE-2024-46442
CRITICAL
BYD Dilink Headunit System 3.0-4.0 - Auth Bypass
CVSS 9.8
CVE-2024-9928
MEDIUM
NSD570 - DoS
CVSS 5.3
CVE-2024-49597
HIGH
Dell Wyse Management Suite <4.4 - Privilege Escalation
CVSS 7.6