Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-14711 | 1 Verifone | 2 Mx900, Mx900 Firmware | 2021-07-21 | 4.4 MEDIUM | 7.0 HIGH |
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass. | |||||
CVE-2019-14719 | 1 Verifone | 2 Mx900, Mx900 Firmware | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager. | |||||
CVE-2019-14718 | 1 Verifone | 2 Mx900, Mx900 Firmware | 2020-10-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation. | |||||
CVE-2019-14713 | 1 Verifone | 2 Mx900, Mx900 Firmware | 2020-10-28 | 2.1 LOW | 5.5 MEDIUM |
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages. |