verifone 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには バッファオーバーフロー、vendor risk sql injection, and vendor risk memory corruption があり、vendor surface production workloads and vendor surface software deployment の利用場面で アプリケーションクラッシュ、vendor impact memory corruption, and vendor impact data exposure などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-0750 | Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5. | [email protected] | 8.7 | 0.29% | 2026-01-28 | 2026-03-09 |
| CVE-2019-14719 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager. | [email protected] | 7.8 | 0.89% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14718 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation. | [email protected] | 6.7 | 1.18% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14717 | Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call. | [email protected] | 7.8 | 0.32% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14716 | Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out). | [email protected] | 6.6 | 0.32% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14715 | Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation. | [email protected] | 6.8 | 0.33% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14713 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages. | [email protected] | 5.5 | 0.30% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14712 | Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation. | [email protected] | 7.8 | 0.34% | 2020-10-23 | 2024-11-21 |
| CVE-2019-14711 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass. | [email protected] | 7.0 | 0.21% | 2020-10-23 | 2024-11-21 |
| CVE-2019-10060 | The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability. | [email protected] | 8.1 | 1.68% | 2019-03-26 | 2024-11-21 |
| CVE-2012-4951 | Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter. | [email protected] | 7.5 | 1.52% | 2012-11-15 | 2026-04-29 |