Filtered by vendor Cybozu
Subscriptions
Total
324 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8483 | 1 Cybozu | 1 Office | 2024-08-06 | N/A |
| Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | ||||
| CVE-2015-8484 | 1 Cybozu | 1 Office | 2024-08-06 | N/A |
| Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152. | ||||
| CVE-2015-7796 | 1 Cybozu | 1 Office | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | ||||
| CVE-2015-7775 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197. | ||||
| CVE-2015-7795 | 1 Cybozu | 1 Office | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | ||||
| CVE-2015-7776 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196. | ||||
| CVE-2015-7798 | 1 Cybozu | 1 Office | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150. | ||||
| CVE-2015-7797 | 1 Cybozu | 1 Office | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150. | ||||
| CVE-2015-5646 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-863 and CyVDB-867. | ||||
| CVE-2015-5647 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866. | ||||
| CVE-2015-5649 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges. | ||||
| CVE-2016-7833 | 1 Cybozu | 1 Dezie | 2024-08-06 | N/A |
| Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | ||||
| CVE-2016-7832 | 1 Cybozu | 1 Dezie | 2024-08-06 | N/A |
| Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | ||||
| CVE-2016-7802 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2016-7815 | 1 Cybozu | 1 Remote Service Manager | 2024-08-06 | N/A |
| Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network. | ||||
| CVE-2016-7803 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. | ||||
| CVE-2016-7816 | 1 Cybozu | 1 Kintone | 2024-08-06 | N/A |
| The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2016-7801 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors. | ||||
| CVE-2016-4908 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors. | ||||
| CVE-2016-4909 | 1 Cybozu | 1 Garoon | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors. | ||||