Shodan
Vulnerabilities
Vulnerable Software
Verifone:  Security Vulnerabilities
CVE-2026-0750
Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5.
CVSS Score
8.7
EPSS Score
0.0
Published
2026-01-28
CVE-2019-14719
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.
CVSS Score
7.8
EPSS Score
0.004
Published
2020-10-23
CVE-2019-14711
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.
CVSS Score
7.0
EPSS Score
0.0
Published
2020-10-23
CVE-2019-14712
Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-10-23
CVE-2019-14713
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-10-23
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-10-23
CVE-2019-14716
Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).
CVSS Score
6.6
EPSS Score
0.001
Published
2020-10-23
CVE-2019-14717
Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-10-23
CVE-2019-14718
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-10-23
CVE-2019-10060
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability.
CVSS Score
8.1
EPSS Score
0.014
Published
2019-03-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved