Security Vulnerabilities - CVEs Published In May 2022
Survey Sparrow Enterprise Survey Software 2022 has a Stored cross-site scripting (XSS) vulnerability in the Signup parameter.
CVSS Score
5.4
EPSS Score
0.019
Published
2022-05-11
Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-05-11
An Authenticated Reflected Cross-site scripting at CC Parameter was discovered in MDaemon before 22.0.0 .
CVSS Score
5.4
EPSS Score
0.004
Published
2022-05-11
An Authenticated Reflected Cross-site scripting at BCC Parameter was discovered in MDaemon before 22.0.0 .
CVSS Score
5.4
EPSS Score
0.004
Published
2022-05-11
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch.
CVSS Score
9.8
EPSS Score
0.604
Published
2022-05-11
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files.
CVSS Score
7.2
EPSS Score
0.006
Published
2022-05-11
Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-05-11
Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters.
CVSS Score
7.2
EPSS Score
0.006
Published
2022-05-11
Windows Kernel Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.004
Published
2022-05-10
.NET and Visual Studio Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.062
Published
2022-05-10