VYPR
Vendor

Linear

Products
1
CVEs
23
Across products
23
Status
Private

Products

1

Recent CVEs

23
View all 23 CVEs →
  • CVE-2019-7256CriKEVJul 2, 2019
    risk 0.86cvss 9.8epss 0.97

    Linear eMerge E3-Series devices allow Command Injections.

  • CVE-2019-7257CriJul 2, 2019
    risk 0.74cvss 10.0epss 0.70

    Linear eMerge E3-Series devices allow Unrestricted File Upload.

  • CVE-2019-7269CriJul 2, 2019
    risk 0.70cvss 9.8epss 0.40

    Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.

  • CVE-2024-9441CriOct 2, 2024
    risk 0.69cvss 9.8epss 0.54

    The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP.

  • CVE-2019-7265CriJul 2, 2019
    risk 0.69cvss 9.8epss 0.23

    Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).

  • CVE-2019-7268CriJul 2, 2019
    risk 0.66cvss 10.0epss 0.06

    Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.

  • CVE-2019-7267CriJul 2, 2019
    risk 0.65cvss 9.8epss 0.21

    Linear eMerge 50P/5000P devices allow Cookie Path Traversal.

  • CVE-2019-7253CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.03

    Linear eMerge E3-Series devices allow Directory Traversal.

  • CVE-2019-7252CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.05

    Linear eMerge E3-Series devices have Default Credentials.

  • CVE-2019-7261CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.05

    Linear eMerge E3-Series devices have Hard-coded Credentials.

  • CVE-2019-7260CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.07

    Linear eMerge E3-Series devices have Cleartext Credentials in a Database.

  • CVE-2019-7266CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.05

    Linear eMerge 50P/5000P devices allow Authentication Bypass.

  • CVE-2019-7264CriJul 2, 2019
    risk 0.64cvss 9.8epss 0.02

    Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform.

  • CVE-2019-7262HigJul 2, 2019
    risk 0.62cvss 8.8epss 0.16

    Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF).

  • CVE-2019-7258HigJul 2, 2019
    risk 0.59cvss 8.8epss 0.20

    Linear eMerge E3-Series devices allow Privilege Escalation.

  • CVE-2019-7254HigJul 2, 2019
    risk 0.58cvss 7.5epss 0.82

    Linear eMerge E3-Series devices allow File Inclusion.

  • CVE-2019-7259HigJul 2, 2019
    risk 0.58cvss 8.8epss 0.13

    Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure.

  • CVE-2020-9057HigJan 10, 2022
    risk 0.57cvss 8.8epss 0.00

    Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware…

  • CVE-2020-9058HigJan 10, 2022
    risk 0.53cvss 8.1epss 0.00

    Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.

  • CVE-2024-12496MedJan 9, 2025
    risk 0.42cvss 6.4epss 0.00

    The Linear plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linear_block_buy_commissions' shortcode in all versions up to, and including, 2.7.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…