Known Vulnerabilities for products from Verifone
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Verifone".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Verifone can be found at device.report : Verifone
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-14719 json | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated ... | 7.8 - HIGH | 2020-10-23 | 2021-07-21 |
| CVE-2019-14718 json | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbi... | 6.7 - MEDIUM | 2020-10-23 | 2020-10-28 |
| CVE-2019-14717 json | Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call. | 7.8 - HIGH | 2020-10-23 | 2020-10-30 |
| CVE-2019-14716 json | Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out). | 6.6 - MEDIUM | 2020-10-23 | 2020-10-30 |
| CVE-2019-14715 json | Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operati... | 6.8 - MEDIUM | 2020-10-23 | 2020-10-30 |
| CVE-2019-14713 json | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages. | 5.5 - MEDIUM | 2020-10-23 | 2020-10-28 |
| CVE-2019-14712 json | Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation. | 7.8 - HIGH | 2020-10-23 | 2020-10-30 |
| CVE-2019-14711 json | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass. | 7 - HIGH | 2020-10-23 | 2021-07-21 |
| CVE-2019-10060 json | The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows att... | 8.1 - HIGH | 2019-03-26 | 2019-03-28 |
| CVE-2012-4951 json | Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allo... | Not Provided | 2012-11-15 | 2026-04-29 |
Known software with vulnerabilities from Verifone
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Verifone | Mx900 | - |
| Operating System | Verifone | Mx900 Firmware | 30251000 |
| Application | Verifone | Vericentre Web Console | 2.0 |
| Application | Verifone | Verix Multi-app Conductor | 2.7 |
| Operating System | Verifone | Verix Os | qt000530 |
| Hardware | Verifone | Vx520 | - |