Vulnerabilities > Evernote > Evernote > 7.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-30 | CVE-2019-17051 | Improper Input Validation vulnerability in Evernote Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file. | 6.8 |
2019-05-31 | CVE-2019-10038 | Path Traversal vulnerability in Evernote 7.9 Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. | 4.4 |