Known Vulnerabilities for products from Intuit
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Intuit".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-14833 | Intuit Lacerte 2017 has Incorrect Access Control. | 5.9 - MEDIUM | 2019-07-09 | 2019-07-16 |
| CVE-2018-11338 | Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list in cleartext over SMB, whic... | 7.5 - HIGH | 2018-07-31 | 2019-10-03 |
| CVE-2018-3854 | An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 fo... | 7.1 - HIGH | 2018-12-03 | 2022-12-03 |
| CVE-2012-2425 | The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit Quick... | 1.8 - LOW | 2012-04-25 | 2021-07-23 |
| CVE-2012-2424 | The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit Quick... | 1.8 - LOW | 2012-04-25 | 2021-07-23 |
| CVE-2012-2423 | The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit Quick... | 1.8 - LOW | 2012-04-25 | 2021-07-23 |
| CVE-2012-2422 | Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetC... | 2.9 - LOW | 2012-04-25 | 2017-12-19 |
| CVE-2012-2421 | Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpA... | 1.8 - LOW | 2012-04-25 | 2021-07-23 |
| CVE-2012-2420 | The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit Quick... | 1.8 - LOW | 2012-04-25 | 2021-07-23 |
| CVE-2012-2419 | Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll ... | 1.8 - LOW | 2012-04-25 | 2021-07-23 |
| CVE-2012-2418 | Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggab... | 6.8 - MEDIUM | 2012-04-25 | 2021-07-23 |
| CVE-2010-5198 | Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan ho... | 6.9 - MEDIUM | 2012-09-06 | 2012-09-13 |
| CVE-2007-6387 | Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage ... | 9.3 - HIGH | 2007-12-15 | 2017-09-29 |
| CVE-2007-4471 | Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers... | 9.3 - HIGH | 2007-09-05 | 2017-07-29 |
| CVE-2007-0322 | Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attacker... | 9.3 - HIGH | 2007-09-05 | 2017-07-29 |
| CVE-2001-0465 | TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, whi... | 4.6 - MEDIUM | 2001-06-18 | 2017-10-10 |
Known software with vulnerabilities from Intuit
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Intuit | Lacerte | 1991 |
| Application | Intuit | Quickbooks | 2009 |
| Application | Intuit | Quicken | 20.1.7.4 |
| Application | Intuit | Quicken 2018 | 5.2.2 |