Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-307 (过多认证尝试的限制不恰当) — Vulnerability Class 327

327 vulnerabilities classified as CWE-307 (过多认证尝试的限制不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-35172 Nextcloud Server password reset endpoint is not brute force protected — security-advisories 8.7 High2023-06-23
CVE-2023-32320 Nextcloud Server's brute force protection allows someone to send more requests than intended — security-advisories 8.7 High2023-06-22
CVE-2022-32757 IBM Security Directory Suite VA information disclosure — Security Directory Suite VA 7.5 High2023-06-15
CVE-2022-42478 Fortinet FortiSIEM 安全漏洞 — FortiSIEM 8.1 High2023-06-13
CVE-2023-3173 Improper Restriction of Excessive Authentication Attempts in froxlor/froxlor — froxlor/froxlor 9.4 -2023-06-09
CVE-2023-32319 Basic auth header on WebDAV requests is not brute-force protected in Nextcloud — security-advisories 8.1 High2023-05-26
CVE-2023-32074 Nextcloud user_oidc app is missing brute force protection — security-advisories 8.0 High2023-05-25
CVE-2023-2675 Improper Restriction of Excessive Authentication Attempts in linagora/twake — linagora/twake 9.8 -2023-05-12
CVE-2023-2531 Improper Restriction of Excessive Authentication Attempts in azuracast/azuracast — azuracast/azuracast 7.5 -2023-05-05
CVE-2023-28847 Nextcloud Server missing brute force protection for passwords of password protected share links — security-advisories 3.1 Low2023-04-25
CVE-2022-43377 Schneider Electric NetBotz 安全漏洞 — NetBotz 4 - 355/450/455/550/570 7.5 High2023-04-18
CVE-2022-2525 Improper Restriction of Excessive Authentication Attempts in janeczku/calibre-web — janeczku/calibre-web 9.1 -2023-04-15
CVE-2022-43947 Fortinet FortiOS 安全漏洞 — FortiOS 4.7 Medium2023-04-11
CVE-2023-29005 No Rate Limiting on Login AUTH DB — Flask-AppBuilder 7.5 High2023-04-10
CVE-2023-25818 Missing brute force protection on password reset token in Nextcloud Server — security-advisories 5.3 Medium2023-03-27
CVE-2023-1665 Improper Restriction of Excessive Authentication Attempts in linagora/twake — linagora/twake 8.2 -2023-03-27
CVE-2023-25820 Nextcloud Server and Enterprise Server missing brute force protection on password confirmation modal — security-advisories 4.2 Medium2023-03-22
CVE-2023-1539 Improper Restriction of Excessive Authentication Attempts in answerdev/answer — answerdev/answer 8.2 -2023-03-21
CVE-2023-26209 Fortinet FortiDeceptor 安全漏洞 — FortiDeceptor 3.5 Low2023-03-09
CVE-2023-26208 Fortinet FortiAuthenticator 安全漏洞 — FortiAuthenticator 3.5 Low2023-03-09
CVE-2022-29056 Fortinet FortiMail 安全漏洞 — FortiMail 3.5 Low2023-03-09
CVE-2023-1101 SonicWALL SonicOS 安全漏洞 — SonicOS 8.8 -2023-03-02
CVE-2023-0860 Improper Restriction of Excessive Authentication Attempts in modoboa/modoboa-installer — modoboa/modoboa-installer 9.1 -2023-02-16
CVE-2022-34389 Dell SupportAssist for Home PCs 安全漏洞 — SupportAssist 3.7 Low2023-02-10
CVE-2023-24020 Snap One Wattbox 安全漏洞 — Wattbox WB-300-IP-3 7.5 High2023-01-30
CVE-2022-32515 Schneider Electric Conext ComBox 安全漏洞 — Conext™ ComBox 8.6 High2023-01-30
CVE-2022-4797 Improper Restriction of Excessive Authentication Attempts in usememos/memos — usememos/memos 7.5 -2022-12-28
CVE-2022-23746 Check Point IPSec VPN 安全漏洞 — Gateway & Management, IPsec VPN blade SNX portal. 9.8 -2022-11-30
CVE-2022-2650 Improper Restriction of Excessive Authentication Attempts in wger-project/wger — wger-project/wger 9.8 -2022-11-24
CVE-2022-2166 Improper Restriction of Excessive Authentication Attempts in mastodon/mastodon — mastodon/mastodon 9.4 -2022-11-16

Vulnerabilities classified as CWE-307 (过多认证尝试的限制不恰当) represent 327 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.