CWE-307 (Improper Restriction of Excessive Authentication Attempts) — Vulnerability Class 327

327 vulnerabilities classified as CWE-307 (Improper Restriction of Excessive Authentication Attempts). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-66482 | Misskey has a login rate limit bypass via spoofed X-Forwarded-For header — misskey | 5.3 (AI) | Medium (AI) | 2025-12-15 |
| CVE-2025-66204 | WBCE CMS allows brute-force protection bypass using X-Forwarded-For header — WBCE_CMS | 9.1 (AI) | Critical (AI) | 2025-12-08 |
| CVE-2025-42615 | Improper Restriction of Excessive Authentication Attempts vulnerability in CIRCL Vulnerability-Lookup — Vulnerability-Lookup | 8.1 (AI) | High (AI) | 2025-12-08 |
| CVE-2025-46603 | Dell CloudBoost Virtual Appliance security vulnerability — CloudBoost Virtual Appliance | 7.0 | High | 2025-12-05 |
| CVE-2025-12995 | Medtronic CareLink Network security vulnerability — CareLink Network | 8.1 | High | 2025-12-04 |
| CVE-2025-64310 | SEIKO EPSON Web Config and SEIKO EPSON Web Control security vulnerability — EPSON WebConfig for SEIKO EPSON Projector Products | 9.8 | Critical | 2025-11-21 |
| CVE-2025-59113 | Bruteforce Protection Bypass in Windu CMS — Windu CMS | 9.4 (AI) | Critical (AI) | 2025-11-18 |
| CVE-2025-11566 | Schneider Electric PowerChute Serial Shutdown security vulnerability — PowerChute™ Serial Shutdown | 7.8 | - | 2025-11-12 |
| CVE-2025-10161 | Authentication Bypass in Turkguven's Perfektive — Perfektive | 7.3 | High | 2025-11-11 |
| CVE-2025-12896 | Solidigm DC security vulnerability — D5-P5316, D7-P5510, D7-P5520/D7-P5620, D5-P5430, D5-P5336 | 4.4 | Medium | 2025-11-07 |
| CVE-2025-12547 | LogicalDOC Community Edition Admin Login login.jsp excessive authentication — Community Edition | 3.7 | Low | 2025-10-31 |
| CVE-2025-62257 | Liferay Portal and Liferay DXP security vulnerability — Portal | 7.5 (AI) | High (AI) | 2025-10-29 |
| CVE-2025-10928 | Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108 — Access code | 9.8 (AI) | Critical (AI) | 2025-10-29 |
| CVE-2025-64102 | Zitadel allows brute-forcing authentication factors — zitadel | 9.8 (AI) | Critical (AI) | 2025-10-29 |
| CVE-2025-12310 | VirtFusion Email Change _settings excessive authentication — VirtFusion | 5.3 | Medium | 2025-10-27 |
| CVE-2025-26862 | PingFederate unexpected browser flow initiation in redirectless mode — PingFederate | 9.8 (AI) | Critical (AI) | 2025-10-27 |
| CVE-2025-62399 | Moodle: password brute force risk when mobile/web services enabled | 7.5 | High | 2025-10-23 |
| CVE-2025-9551 | Protected Pages - Moderately critical - Access bypass - SA-CONTRIB-2025-101 — Protected Pages | 9.8 (AI) | Critical (AI) | 2025-10-10 |
| CVE-2025-11441 | JhumanJ OpnForm HTTP Header excessive authentication — OpnForm | 3.7 | Low | 2025-10-08 |
| CVE-2025-58587 | Improper Restriction of Excessive Authentication Attempts — Baggage Analytics | 6.5 | Medium | 2025-10-06 |
| CVE-2025-8679 | ExtremeGuest Essentials Captive Portal Unauthenticated Brute Force — ExtremeGuest Essentials | 8.2 (AI) | High (AI) | 2025-10-01 |
| CVE-2025-8118 | Bruteforce Protection Bypass in PAD CMS — PAD CMS | 9.8 (AI) | Critical (AI) | 2025-09-30 |
| CVE-2025-36064 | IBM Sterling Connect:Express for Microsoft Windows information disclosure — Sterling Connect:Express for Microsoft Windows | 5.9 | Medium | 2025-09-22 |
| CVE-2025-35041 | Airship AI Acropolis MFA insufficient rate limiting — Acropolis | 7.5 | High | 2025-09-22 |
| CVE-2025-10761 | Harness Login Endpoint login excessive authentication — Harness | 3.7 | Low | 2025-09-21 |
| CVE-2025-10658 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.7 - Authentication Bypass to Support Session Takeover — SupportCandy – Helpdesk & Customer Support Ticket System | 6.5 | Medium | 2025-09-20 |
| CVE-2025-54860 | Cognex In-Sight Explorer and In-Sight Camera Firmware Improper Restriction of Excessive Authentication Attempts — In-Sight 2000 series | 7.7 | High | 2025-09-18 |
| CVE-2025-36758 | Bypass of bruteforce protection in SolaX Cloud — SolaX Cloud | 9.8 (AI) | Critical (AI) | 2025-09-10 |
| CVE-2025-57815 | Fides Lacks Brute-Force Protections on Authentication Endpoints — fides | 9.8 (AI) | Critical (AI) | 2025-09-08 |
| CVE-2025-2411 | OTP Bypass in Akinsoft's TaskPano — TaskPano | 8.6 | High | 2025-09-04 |

Vulnerabilities classified as CWE-307 (Improper Restriction of Excessive Authentication Attempts) represent 327 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.