Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intuit vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-11338
Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list in cleartext over SMB, which allows malicious users to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vector...
Intuit Lacerte
7.1
CVSSv3
CVE-2018-3854
An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an malicious user to access and modify ...
Intuit Quicken 2018 5.2.2
5.9
CVSSv3
CVE-2018-14833
Intuit Lacerte 2017 has Incorrect Access Control.
Intuit Lacerte
NA
CVE-2010-5198
Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, ....
Intuit Quickbooks 2010
NA
CVE-2012-2420
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote malicious users to obtain sensitive information via a URI with a % (percent) ch...
Intuit Quickbooks 2010
Intuit Quickbooks 2011
Intuit Quickbooks 2012
Intuit Quickbooks 2009
NA
CVE-2012-2422
Intuit QuickBooks 2009 through 2012 might allow remote malicious users to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality.
Intuit Quickbooks 2010
Intuit Quickbooks 2011
Intuit Quickbooks 2009
Intuit Quickbooks 2012
NA
CVE-2012-2425
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote malicious users to cause a denial of service (application crash) via a long URI.
Intuit Quickbooks 2009
Intuit Quickbooks 2010
Intuit Quickbooks 2011
Intuit Quickbooks 2012
NA
CVE-2012-2421
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote malicious users to read arbitrary file...
Intuit Quickbooks 2012
Intuit Quickbooks 2009
Intuit Quickbooks 2010
Intuit Quickbooks 2011
NA
CVE-2012-2418
Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote malicious users to cause a denial of service (memory c...
Intuit Quickbooks 2011
Intuit Quickbooks 2012
Intuit Quickbooks 2009
Intuit Quickbooks 2010
NA
CVE-2012-2419
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote malicious users to cause a denial of service (memory consumption) via...
Intuit Quickbooks 2011
Intuit Quickbooks 2012
Intuit Quickbooks 2009
Intuit Quickbooks 2010
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »