7 Tips for Choosing Security Metrics That Matter

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-24265 PUBLISHED: 2020-10-19

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.

CVE-2020-24266 PUBLISHED: 2020-10-19

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.

CVE-2020-13778 PUBLISHED: 2020-10-19

rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.

CVE-2020-15909 PUBLISHED: 2020-10-19

SolarWinds N-central through 2020.1 allows session hijacking.

CVE-2020-15910 PUBLISHED: 2020-10-19

SolarWinds N-central through 12.3 does not include the HTTPOnly flag in the Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.



