Vulnerabilities > Verifone > High

DATE CVE VULNERABILITY TITLE RISK
2020-10-23 CVE-2019-14719 Command Injection vulnerability in Verifone Mx900 Firmware 30251000
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.
local
low complexity
verifone CWE-77
7.8
7.8
2020-10-23 CVE-2019-14717 Classic Buffer Overflow vulnerability in Verifone Verix OS Qt000530
Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.
local
low complexity
verifone CWE-120
7.8
7.8
2020-10-23 CVE-2019-14712 Unspecified vulnerability in Verifone Verix OS Qt000530
Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation.
local
low complexity
verifone
7.8
7.8
2020-10-23 CVE-2019-14711 Race Condition vulnerability in Verifone Mx900 Firmware 30251000
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.
local
high complexity
verifone CWE-362
7.0
7.0
2019-03-26 CVE-2019-10060 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Verifone Verix Multi-App Conductor 2.7
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value.
network
high complexity
verifone CWE-119
8.1
8.1