Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2024-21664 NULL Pointer Dereference vulnerability in Lestrrat-Go JWX
jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies.
network
low complexity
lestrrat-go CWE-476
7.5
2024-01-09 CVE-2024-0341 Path Traversal vulnerability in Inis Project Inis 2.0.0/2.0.1
A vulnerability was found in Inis up to 2.0.1.
network
low complexity
inis-project CWE-22
7.5
2024-01-09 CVE-2024-21319 Unspecified vulnerability in Microsoft .Net and Identity Model
Microsoft Identity Denial of service vulnerability
network
low complexity
microsoft
6.8
2024-01-09 CVE-2024-21668 Information Exposure Through Log Files vulnerability in Mrousavy React-Native-Mmkv
react-native-mmkv is a library that allows easy use of MMKV inside React Native applications.
network
low complexity
mrousavy CWE-532
4.9
2024-01-09 CVE-2022-48618 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apple products
The issue was addressed with improved checks.
local
high complexity
apple CWE-367
7.0
2024-01-09 CVE-2024-0056 Unspecified vulnerability in Microsoft products
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
network
high complexity
microsoft
8.7
2024-01-09 CVE-2024-0057 Unspecified vulnerability in Microsoft products
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
network
low complexity
microsoft
critical
9.8
2024-01-09 CVE-2024-0226 Cross-site Scripting vulnerability in Synopsys Seeker
Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload.
network
low complexity
synopsys CWE-79
5.4
2024-01-09 CVE-2024-0340 Unspecified vulnerability in Linux Kernel
A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function.
local
low complexity
linux
5.5
2024-01-09 CVE-2024-20652 Unspecified vulnerability in Microsoft products
Windows HTML Platforms Security Feature Bypass Vulnerability
network
high complexity
microsoft
8.1