19 matches found
CVE-2025-15615
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2026-32983
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2025-15615
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2025-15615 Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2025-15615
CVE-2025-15615 affects the Wazuh Manager authd service in wazuh-manager up to version 4.7.3. The root cause is an improper restriction of client-initiated SSL/TLS renegotiation, which allows remote attackers to cause a denial of service by sending excessive renegotiation requests. The impact desc...
CVE-2025-15615 Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2025-15615
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2026-32983
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2026-32983
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2026-32983 SSL/TLS Renegotiation DoS in Wazuh Manager authd service
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
CVE-2026-32983 SSL/TLS Renegotiation DoS in Wazuh Manager authd service
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
PT-2026-28278
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...
PT-2026-28460
Name of the Vulnerable Software and Affected Versions wazuh-manager versions prior to 4.7.4 Description The authd service in Wazuh Manager contains an improper restriction of client-initiated SSL/TLS renegotiation. This allows remote attackers to cause a denial of service by sending excessive...
Security Bulletin: Authd service in the IBM Verify Gateway PAM components allows cleartext transmission of sensitive information (CVE-2020-4397)
Summary The IBM Verify Gateway IVG Authd service listens on TCP port 12. When the service is enabled, it's possible to detect cleartext transmission of sensitive information in the data traffic to and from the port. As of v1.0.1 of IVG for AIX PAM, and v1.0.2 of IVG for Linux PAM, the Authd servi...
Security Bulletin: Authd service in the IBM Verify Gateway PAM components is vulnerable to denial of service attack (CVE-2020-4399)
Summary The IBM Verify Gateway IVG Authd service listens on TCP port 12. It's possible to mount a denial of service attack by sending malformed requests to port 12, thereby crashing the service. As of v1.0.1 of IVG for AIX PAM, and v1.0.2 of IVG for Linux PAM, the Authd service is not used. The P...
(Pwn2Own) Apple macOS authd Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the authd service. The...
Command injection
vmwarebase.dll, as used in the vmware-authd service aka vmware-authd.exe, in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2...
CVE-2009-0177
vmwarebase.dll, as used in the vmware-authd service aka vmware-authd.exe, in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2...
CVE-2009-0177
CVE-2009-0177 is a remote denial-of-service vulnerability in the vmware-authd.exe daemon via excessively long USER or PASS commands. Public-availability details (from VMware VMSA-2009-0005) indicate the issue affects multiple VMware products prior to patched versions, including Workstation 6.5.x ...