CWE
:
Topic: Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass
Date: 24.09.2024
Author: SivertPL
CVEMAP Search Results
CVE
Details
Description
2024-10-04
CVE-2024-47654
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoints. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP requests through vulnerable API endpoints, which could lead to OTP bombing on the targeted system.
2024-09-26
CVE-2024-9199
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of service (DoS).
2024-06-20
CVE-2024-32943
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.
CVE-2024-35246
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.
2024-06-04
CVE-2023-51544
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse. This issue affects RegistrationMagic: from n/a through 5.2.5.0.
CVE-2023-40673
Improper Control of Interaction Frequency vulnerability in cartpauj Cartpauj Register Captcha allows Functionality Misuse. This issue affects Cartpauj Register Captcha: from n/a through 1.0.02.
2024-05-17
CVE-2024-24873
Improper Control of Interaction Frequency vulnerability in CodePeople CP Polls allows Flooding. This issue affects CP Polls: from n/a through 1.0.71.
2023-07-12
CVE-2023-38068
In JetBrains YouTrack before 2023.1.16597, captcha was not properly validated for Helpdesk forms.
2021-11-12
Medium
CVE-2021-37910
The ASUS routers' Wi-Fi Protected Access protocol (WPA2 and WPA3-SAE) has an improper control of interaction frequency vulnerability; an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.
2021-10-25
Medium
CVE-2021-41177
Vendor: Nextcloud
Software: Nextcloud server
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any component of Nextcloud using rate limits (such as `AnonRateThrottle` or `UserRateThrottle`) was thus not rate limited on instances that did not have a memory cache backend configured. In the case of a default installation, this would notably include the rate limits on the two-factor codes. It is recommended that Nextcloud Server be upgraded to 20.0.13, 21.0.5, or 22.2.0. As a workaround, enable a memory cache backend in `config.php`.
Copyright 2024, cxsecurity.com