CWE:
 

Topic
Date
Author
Med.
Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass
24.09.2024
SivertPL


CVEMAP Search Results

CVE
Details
Description
2024-10-04
Waiting for details
CVE-2024-47654

Updating...
 

 
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead to the OTP bombing on the targeted system.

 
2024-09-26
Waiting for details
CVE-2024-9199

Updating...
 

 
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of service (DoS).

 
2024-06-20
Waiting for details
CVE-2024-32943

Updating...
 

 
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.

 
Waiting for details
CVE-2024-35246

Updating...
 

 
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.

 
2024-06-04
Waiting for details
CVE-2023-51544

Updating...
 

 
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through 5.2.5.0.

 
Waiting for details
CVE-2023-40673

Updating...
 

 
: Improper Control of Interaction Frequency vulnerability in cartpauj Cartpauj Register Captcha allows Functionality Misuse.This issue affects Cartpauj Register Captcha: from n/a through 1.0.02.

 
2024-05-17
Waiting for details
CVE-2024-24873

Updating...
 

 
: Improper Control of Interaction Frequency vulnerability in CodePeople CP Polls allows Flooding.This issue affects CP Polls: from n/a through 1.0.71.

 
2023-07-12
Waiting for details
CVE-2023-38068

Updating...
 

 
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms

 
2021-11-12
Medium
CVE-2021-37910

Updating...
 

 
ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.

 
2021-10-25
Medium
CVE-2021-41177

Vendor: Nextcloud
Software: Nextcloud server
 

 
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any component of Nextcloud using rate-limits (as as `AnonRateThrottle` or `UserRateThrottle`) was thus not rate limited on instances not having a memory cache backend configured. In the case of a default installation, this would notably include the rate-limits on the two factor codes. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5, or 22.2.0. As a workaround, enable a memory cache backend in `config.php`.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top