Falhas do tipo CWE-307
411 resultadosCVE-2025-2171HIGHAviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 do not enforce rate limiting on password reset attempts, allowing adversEPSS 0.5%CVE-2025-69615CRITICALIncorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction rEPSS 0.4%CVE-2023-41270LOWSamsung Smart TV UE40D7000 WPS DoS attackEPSS 0.4%CVE-2023-3548HIGHIQ Wifi 6EPSS 0.4%CVE-2025-63807CRITICALAn issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit 9e06bab430bfc729f27b4284ba7570db3b11ce84 (2025-01-13). A weak EPSS 0.4%CVE-2024-39873HIGHA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly imEPSS 0.4%CVE-2024-41682MEDIUMA vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce restricEPSS 0.4%CVE-2022-34389LOW
Dell SupportAssist contains a rate limit bypass issues in screenmeet API third party component. An unauthenticated attacker could potentialEPSS 0.4%CVE-2026-20882HIGHMobiliti e-mobi.hu Improper Restriction of Excessive Authentication AttemptsEPSS 0.4%CVE-2024-45523CRITICALAn issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.359EPSS 0.4%CVE-2023-32657MEDIUMWeintek Weincloud Improper Restriction of Excessive Authentication AttemptsEPSS 0.4%CVE-2024-32676MEDIUMWordPress LoginPress Pro plugin < 3.0.0 - Captcha Bypass vulnerabilityEPSS 0.4%CVE-2020-37228CRITICALiDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security BypassEPSS 0.4%CVE-2023-44235MEDIUMWordPress WP Captcha plugin <= 2.0.0 - Captcha Bypass vulnerabilityEPSS 0.4%CVE-2026-31904HIGHCTEK Chargeportal Improper Restriction of Excessive Authentication AttemptsEPSS 0.4%CVE-2025-12310MEDIUMVirtFusion Email Change _settings excessive authenticationEPSS 0.4%CVE-2019-5035CRITICALAn exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 462000EPSS 0.4%CVE-2025-2417HIGHOTP Bypass in Akinsoft's e-MutabakatEPSS 0.4%CVE-2025-1740CRITICALAuthentication Bypass in Akinsoft's MyRezztaEPSS 0.4%CVE-2025-5864MEDIUMTenda TDSEE App Password Reset Confirmation Code ConfirmSmsCode excessive authenticationEPSS 0.4%