Vulnerabilities > Tobesoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-30 | CVE-2021-26612 | Improper Input Validation vulnerability in Tobesoft Nexacro 14.0.0.0/14.0.1.3600 An improper input validation leading to arbitrary file creation was discovered in copy method of Nexacro platform. | 7.5 |
| 2021-07-20 | CVE-2020-7866 | Improper Input Validation vulnerability in Tobesoft Xplatform When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, arbitrary commands can be executed due to improper input validation | 7.5 |
| 2021-04-20 | CVE-2020-7857 | Improper Input Validation vulnerability in Tobesoft Xplatform A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. | 7.5 |
| 2021-03-24 | CVE-2020-7853 | Out-of-bounds Read vulnerability in Tobesoft Xplatform An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. | 7.5 |
| 2020-07-10 | CVE-2020-7815 | Injection vulnerability in Tobesoft Xplatform XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. | 7.5 |
| 2020-05-06 | CVE-2020-7806 | Download of Code Without Integrity Check vulnerability in Tobesoft Xplatform Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. | 7.5 |
| 2020-05-06 | CVE-2019-19167 | Unspecified vulnerability in Tobesoft Nexacro 2019.9.25.1 Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. | 7.5 |