Filtered by vendor Cybozu
Subscriptions
Filtered by product Garoon
Subscriptions
Total
192 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20763 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege. | ||||
| CVE-2021-20762 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated to alter the data of E-mail without the appropriate privilege. | ||||
| CVE-2021-20761 | 1 Cybozu | 1 Garoon | 2024-11-21 | 2.7 Low |
| Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege. | ||||
| CVE-2021-20760 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege. | ||||
| CVE-2021-20759 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | ||||
| CVE-2021-20758 | 1 Cybozu | 1 Garoon | 2024-11-21 | 8.0 High |
| Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors. | ||||
| CVE-2021-20757 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | ||||
| CVE-2021-20756 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege. | ||||
| CVE-2021-20755 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege. | ||||
| CVE-2021-20754 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege. | ||||
| CVE-2021-20753 | 1 Cybozu | 1 Garoon | 2024-11-21 | 5.4 Medium |
| Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | ||||
| CVE-2020-5643 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.5 Medium |
| Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector. | ||||
| CVE-2020-5588 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.9 Medium |
| Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors. | ||||
| CVE-2020-5587 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.5 Medium |
| Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors. | ||||
| CVE-2020-5586 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.8 Medium |
| Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. | ||||
| CVE-2020-5585 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.8 Medium |
| Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. | ||||
| CVE-2020-5584 | 1 Cybozu | 1 Garoon | 2024-11-21 | 7.5 High |
| Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors. | ||||
| CVE-2020-5583 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.5 Medium |
| Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors. | ||||
| CVE-2020-5582 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors. | ||||
| CVE-2020-5581 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.5 Medium |
| Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. | ||||