Filtered by vendor Handysoft
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26630 | 2 Handysoft, Microsoft | 2 Groupware, Windows | 2022-06-01 | 7.5 HIGH | 9.8 CRITICAL |
| Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function. | |||||
| CVE-2021-26608 | 2 Handysoft, Microsoft | 2 Hshell, Windows | 2021-09-22 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash. | |||||