CISOs Planning on Bigger Budgets: Report


Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database


PUBLISHED: 2020-10-09HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters....

PUBLISHED: 2020-10-09

Taurus-AN00B versions earlier than have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit...

PUBLISHED: 2020-10-09

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC720 before and WAC730 before

PUBLISHED: 2020-10-09

NETGEAR GS808E devices before are affected by denial of service.

PUBLISHED: 2020-10-09

Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before, RBK752 before, RBR750 before, RBS750 before, RBK852 before, RBR850 before, and RBS850 before