CVE-2025-15615

CVE-2025-15615 affects the Wazuh Manager authd service in wazuh-manager up to version 4.7.3. The root cause is an improper restriction of client-initiated SSL/TLS renegotiation, which allows remote attackers to cause a denial of service by sending excessive renegotiation requests. The impact desc...

PT-2026-28460

Name of the Vulnerable Software and Affected Versions wazuh-manager versions prior to 4.7.4 Description The authd service in Wazuh Manager contains an improper restriction of client-initiated SSL/TLS renegotiation. This allows remote attackers to cause a denial of service by sending excessive...

CVE-2025-11419 Keycloak: keycloak tls client-initiated renegotiation denial of service

A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service DoS by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unavailable...

SUSE CVE-2013-6628

net/socket/sslclientsocketnss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by...

SUSE CVE-2015-0291

The sigalgs implementation in t1lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by using an invalid signaturealgorithms extension in the ClientHello message during a renegotiation...

openssl: NULL pointer dereference in signature_algorithms processing

A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signaturealgorithms extension but includes a signaturealgorithmscert extension. The highest threat from this vulnerability is to system...

DEBIAN-CVE-2015-7944

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service resourc...

UBUNTU-CVE-2015-7944

The RESTful control interface aka RAPI or ganeti-rapi in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service resourc...

DEBIAN-CVE-2012-2249

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...

TLS protocol vulnerable to Man In The Middle attack – Opera Security Advisories

TLS protocol vulnerable to Man In The Middle attack – Opera Security Advisories OPCOM Team | June 29, 2010 Summary A vulnerability has been discovered in all current versions of the SSL and TLS protocols, that may allow an attacker to inject data and instructions into the HTTPS connection and tri...

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...