Vulnerabilities > Evernote > Evernote
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-09 | CVE-2023-50643 | Unspecified vulnerability in Evernote 10.68.2 An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components. | 9.8 |
2021-06-24 | CVE-2020-17759 | Command Injection vulnerability in Evernote 6.17.7/6.18 An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. | 6.8 |
2020-01-31 | CVE-2013-5116 | Improper Authentication vulnerability in Evernote Evernote prior to 5.5.1 has insecure password change | 6.6 |
2020-01-31 | CVE-2013-5112 | Improper Authentication vulnerability in Evernote Evernote before 5.5.1 has insecure PIN storage | 2.1 |
2019-09-30 | CVE-2019-17051 | Improper Input Validation vulnerability in Evernote Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file. | 6.8 |
2019-05-31 | CVE-2019-10038 | Path Traversal vulnerability in Evernote 7.9 Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. | 4.4 |
2019-05-13 | CVE-2018-18524 | Cross-site Scripting vulnerability in Evernote 6.15 Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. | 4.3 |
2018-12-22 | CVE-2018-20351 | Cross-site Scripting vulnerability in Evernote The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832. | 4.3 |
2018-12-11 | CVE-2018-20058 | Path Traversal vulnerability in Evernote In Evernote before 7.6 on macOS, there is a local file path traversal issue in attachment previewing, aka MACOSNOTE-28634. | 5.0 |
2017-05-22 | CVE-2016-4900 | Untrusted Search Path vulnerability in Evernote Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.8 |