Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Evernote Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19658 2 Apple, Evernote 2 Macos, Yinxiang Biji 2021-09-08 3.5 LOW 5.4 MEDIUM
The Markdown editor in YXBJ before 8.3.2 on macOS has stored XSS. This behavior may be encountered by some Evernote users; however, it is a vulnerability in YXBJ, not a vulnerability in Evernote.
CVE-2013-5112 1 Evernote 1 Evernote 2020-02-10 2.1 LOW 4.6 MEDIUM
Evernote before 5.5.1 has insecure PIN storage
CVE-2019-12592 1 Evernote 1 Web Clipper 2019-06-19 4.3 MEDIUM 6.1 MEDIUM
A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame.
CVE-2018-18524 1 Evernote 1 Evernote 2019-05-13 4.3 MEDIUM 6.1 MEDIUM
Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject Node.js code under Present mode. After a victim opens an affected note under Present mode, the attacker can read the victim's files and achieve remote execution command on the victim's computer.
CVE-2018-20351 1 Evernote 1 Evernote 2019-01-09 4.3 MEDIUM 6.1 MEDIUM
The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832.