Filtered by vendor Cybozu
Subscriptions
Total
330 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2255 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space". | ||||
| CVE-2017-2254 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input | ||||
| CVE-2016-4842 | 1 Cybozu | 1 Mailwise | 2025-04-20 | N/A |
| Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read. | ||||
| CVE-2016-4866 | 1 Cybozu | 1 Office | 2025-04-20 | N/A |
| Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function. | ||||
| CVE-2017-2091 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors. | ||||
| CVE-2016-1220 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
| Cybozu Garoon before 4.2.2 does not properly restrict access. | ||||
| CVE-2014-1993 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2014-1992 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-1989 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Cybozu Garoon 3.0 through 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls. | ||||
| CVE-2014-1988 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| The Phone Messages feature in Cybozu Garoon 2.0.0 through 3.7 SP2 allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors. | ||||
| CVE-2014-1987 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2014-1983 | 1 Cybozu | 1 Remote Service Manager | 2025-04-12 | N/A |
| Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors. | ||||
| CVE-2014-5314 | 1 Cybozu | 3 Dezie, Mailwise, Office | 2025-04-12 | N/A |
| Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages. | ||||
| CVE-2015-8484 | 1 Cybozu | 1 Office | 2025-04-12 | N/A |
| Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152. | ||||
| CVE-2015-7775 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197. | ||||
| CVE-2015-5649 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges. | ||||
| CVE-2015-8483 | 1 Cybozu | 1 Office | 2025-04-12 | N/A |
| Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | ||||
| CVE-2015-5647 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866. | ||||
| CVE-2015-5646 | 1 Cybozu | 1 Garoon | 2025-04-12 | N/A |
| Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-863 and CyVDB-867. | ||||
| CVE-2015-8486 | 1 Cybozu | 1 Office | 2025-04-12 | N/A |
| Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152. | ||||