CVE-2025-15615

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lac...

MiracleLinux 8 : spice-0.14.3-4.el8 (AXSA:2021-2114:09)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2114:09 advisory. spice: Client initiated renegotiation denial of service CVE-2021-20201 Tenable has extracted the preceding description block directly from the MiracleLinux...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via repeated client-initiated TLS renegotiation requests. An attacker can exhaust server CPU resources by sending multiple renegotiation requests over unauthenticated connections. Not...

EUVD-2019-0994

Malicious code in bioql PyPI...

CVE-2023-22633

An improper permissions, privileges, and access controls vulnerability CWE-264 in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions 8.7.0 all versions may allow an unauthenticated attacker to perform a DoS attack on the device via client-secure...

SA40013 - TLS/SSL Renegotiation Vulnerability Pulse Connect Secure (PCS) (CVE-2009-3555) (Pulse Secure PSN-2009-11-573

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. The industry-wide TLS/SSL renegotiation issue CVE-2009-3555 has been found in the Pulse Connect Secure PCS device. This issue has been reported as a man in the middle MITM attack by ma...

spice 安全漏洞

Canonical Ubuntu is a GNU/Linux operating system for desktop applications from the British company Canonical. Ubuntu suffers from a resource management error vulnerability that originates from a client-initiated renegotiation denial of service. An attacker could exploit this vulnerability to caus...

CVE-2018-13296

Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation...

CVE-2011-5094

Mozilla Network Security Services NSS 3.x, with certain settings of the SSLENABLERENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service CPU consumption by...

PT-2012-1524

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 0.9.8l OpenSSL versions 0.9.8m through 1.x Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by performing many renegotiations within a single connection. This i...