CWE-307 (Improper Restriction of Excessive Authentication Attempts) — Vulnerability Class 327

327 vulnerabilities classified as CWE-307 (Improper Restriction of Excessive Authentication Attempts). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-2417 | OTP Bypass in Akinsoft's e-Mutabakat — e-Mutabakat | 8.6 | High | 2025-09-04 |
| CVE-2025-2416 | OTP Bypass in Akinsoft's LimonDesk — LimonDesk | 8.6 | High | 2025-09-03 |
| CVE-2025-2415 | OTP Bypass in Akinsoft's MyRezzta — MyRezzta | 8.6 | High | 2025-09-03 |
| CVE-2025-1740 | Authentication Bypass in Akinsoft's MyRezzta — MyRezzta | 9.8 | Critical | 2025-09-03 |
| CVE-2025-2413 | OTP Bypass in Akinsoft's ProKuafor — ProKuafor | 8.6 | High | 2025-09-02 |
| CVE-2025-2414 | OTP Bypass in Akinsoft's OctoCloud — OctoCloud | 8.6 | High | 2025-09-02 |
| CVE-2025-2412 | OTP Bypass in Akinsoft's QR Menu — QR Menu | 8.6 | High | 2025-09-01 |
| CVE-2025-9004 | mtons mblog password excessive authentication — mblog | 3.7 | Low | 2025-08-15 |
| CVE-2025-8927 | mtons mblog Verification Code send_code excessive authentication — mblog | 3.7 | Low | 2025-08-13 |
| CVE-2025-55003 | OpenBao Login MFA Bypasses Rate Limiting and TOTP Token Reuse — openbao | 5.7 | Medium | 2025-08-09 |
| CVE-2025-54998 | OpenBao Userpass and LDAP User Lockout Bypass — openbao | 5.3 | Medium | 2025-08-09 |
| CVE-2025-8742 | macrozheng mall Admin Login excessive authentication — mall | 3.7 | Low | 2025-08-08 |
| CVE-2025-46414 | EG4 Electronics EG4 Inverters Improper Restriction of Excessive Authentication Attempts — EG4 12kPV | 8.1 | High | 2025-08-08 |
| CVE-2025-53544 | Trilium Notes is Vulnerable to Brute-force Protection Bypass via Initial Sync Seed Retrieval — Trilium | 7.5 | High | 2025-08-05 |
| CVE-2025-6015 | Vault Login MFA Bypass of Rate Limiting and TOTP Code Reuse — Vault | 5.7 | Medium | 2025-08-01 |
| CVE-2025-6004 | Vault Userpass and LDAP User Lockout Bypass — Vault | 5.3 | Medium | 2025-08-01 |
| CVE-2023-32251 | Kernel: ksmbd brute force delay bypass via asynchronous requests | 3.7 | Low | 2025-07-31 |
| CVE-2025-54833 | OPEXUS FOIAXpress Public Access Link (PAL) account-lockout and CAPTCHA protection bypass — FOIAXpress Public Access Link (PAL) | 5.3 | Medium | 2025-07-31 |
| CVE-2024-49342 | IBM Informix Dynamic Server information disclosure — Informix Dynamic Server | 7.5 | High | 2025-07-28 |
| CVE-2025-7393 | Mail Login - Critical - Access bypass - SA-CONTRIB-2025-088 — Mail Login | 9.8 | - | 2025-07-21 |
| CVE-2025-7882 | Mercusys MW301R Login excessive authentication — MW301R | 3.1 | Low | 2025-07-20 |
| CVE-2024-9342 | Eclipse GlassFish security vulnerability — Eclipse Glassfish | 9.8 | - | 2025-07-16 |
| CVE-2025-27456 | CVE-2025-27456 — Endress+Hauser MEAC300-FNADE4 | 7.5 | High | 2025-07-03 |
| CVE-2025-27449 | CVE-2025-27449 — Endress+Hauser MEAC300-FNADE4 | 7.5 | High | 2025-07-03 |
| CVE-2025-1710 | CVE-2025-1710 — Endress+Hauser MEAC300-FNADE4 | 7.5 | High | 2025-07-03 |
| CVE-2025-52997 | File Browser Insecurely Handles Passwords — filebrowser | 5.9 | Medium | 2025-06-30 |
| CVE-2025-4383 | Authentication Bypass in Art-In Systems' Wi-Fi Cloud Hotspot — Wi-Fi Cloud Hotspot | 9.3 | Critical | 2025-06-24 |
| CVE-2025-2171 | Aviatrix Controller security vulnerability — Controller | 7.5 (AI) | High (AI) | 2025-06-23 |
| CVE-2025-52916 | Yealink YMCS RPS security vulnerability — RPS | 2.2 | Low | 2025-06-21 |
| CVE-2025-47951 | Weblate lacks rate limiting when verifying second factor — weblate | 4.9 | Medium | 2025-06-16 |

Vulnerabilities classified as CWE-307 (Improper Restriction of Excessive Authentication Attempts) represent 327 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.