CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28806

Malware in sbrugna...

8.8CVSS8.6AI score0.00233EPSS

NVD•added 2021/09/09 1:15 p.m.•11 views

CVE-2020-7874

8.8CVSS0.00233EPSS

OSV•added 2021/09/09 1:15 p.m.•0 views

CVE-2020-7874

8.8CVSS7.5AI score0.00233EPSS

Prion•added 2021/09/09 1:15 p.m.•9 views

Input validation

6.8CVSS8.8AI score0.00233EPSS

Exploits0References1Affected Software1

CVE•added 2021/09/09 12:49 p.m.•40 views

CVE-2020-7874

The CVE-2020-7874 entry relates to the NEXACRO14 Runtime ActiveX control from Tobesoft Co., Ltd. Affected component: NEXACRO14 Runtime ActiveX control. Root cause: incomplete validation of the file download URL or file extension. Consequence: enables arbitrary file download and execution. Exploit...

8.8CVSS9AI score0.00233EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/09/09 12:49 p.m.•7 views

CVE-2020-7874 NEXACRO14 Runtime arbitrary file download and execution vulnerability

8.8CVSS8.9AI score0.00233EPSS

CNNVD•added 2021/09/09 12:0 a.m.•1 views

Tobesoft NEXACRO14 安全漏洞

Tobesoft NEXACRO14 is a BUX platform from Tobesoft Korea, developed as a JavaScript-based stand-alone framework to accommodate the company's various development needs. Applications developed using the Nexacro platform require no additional development to achieve the same functionality across a wi...

8.8CVSS8.2AI score0.00233EPSS

NVD•added 2020/07/02 1:15 p.m.•8 views

CVE-2020-7821

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC...

9.8CVSS0.00965EPSS

Prion•added 2020/07/02 1:15 p.m.•14 views

Design/Logic Flaw

7.5CVSS9.7AI score0.00965EPSS

Prion•added 2020/07/02 1:15 p.m.•13 views

Code injection

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC...

7.5CVSS9.7AI score0.00965EPSS

CVE•added 2020/07/02 12:40 p.m.•42 views

CVE-2020-7820

CVE-2020-7820 affects Nexacro14/17 ExtCommonApiV13 Library versions prior to 2019.9.6. The connected documents describe an input handling/validation flaw in the ExtCommonApiV13 component that could allow a remote attacker to execute arbitrary code by supplying crafted arguments to the vulnerable ...

9.8CVSS9.1AI score0.00965EPSS

Cvelist•added 2020/07/02 12:40 p.m.•11 views

CVE-2020-7820 Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability

7.8CVSS9.7AI score0.00965EPSS

Cvelist•added 2020/07/02 12:37 p.m.•9 views

CVE-2020-7821 Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability

7.8CVSS9.7AI score0.00965EPSS

CVE•added 2020/07/02 12:37 p.m.•70 views

CVE-2020-7821

Nexacro14/17 ExtCommonApiV13 Library (versions prior to 2019.9.6) contains an input validation error that could allow a remote attacker to execute arbitrary code by modifying a registry path. This vulnerability is cited across multiple sources (Red Hat, CNVD, CVE listings) and is described as ena...

9.8CVSS9.1AI score0.00965EPSS

Cvelist•added 2020/05/06 12:47 p.m.•9 views

CVE-2019-19167 Tobesoft Nexacro14 ActiveX File Download Vulnerability

Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. It allows attacker to cause remote code execution...

7.8CVSS9.9AI score0.00464EPSS