From DHS/US-CERT’s National Vulnerability Database
PUBLISHED: 2020-10-09HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters….
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit…
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC720 before 220.127.116.11 and WAC730 before 18.104.22.168.
NETGEAR GS808E devices before 22.214.171.124 are affected by denial of service.
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 126.96.36.199, RBK752 before 188.8.131.52, RBR750 before 184.108.40.206, RBS750 before 220.127.116.11, RBK852 before 18.104.22.168, RBR850 before 22.214.171.124, and RBS850 before 126.96.36.199.