Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cybozu Subscribe
Total 311 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16172 1 Cybozu 1 Remote Service Manager 2020-08-24 5.8 MEDIUM 6.5 MEDIUM
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate.
CVE-2018-16178 1 Cybozu 1 Garoon 2020-08-24 5.0 MEDIUM 7.5 HIGH
Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access restriction to view information available only for a sign-on user via Single sign-on function.
CVE-2019-5943 1 Cybozu 1 Garoon 2020-08-24 4.0 MEDIUM 4.3 MEDIUM
Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to view the information without view privileges via the application 'Bulletin' and the application 'Cabinet'.
CVE-2019-5930 1 Cybozu 1 Garoon 2020-08-24 4.0 MEDIUM 4.3 MEDIUM
Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'.
CVE-2017-2116 1 Cybozu 1 Office 2020-08-24 4.0 MEDIUM 4.3 MEDIUM
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors.
CVE-2017-2144 1 Cybozu 1 Garoon 2020-08-24 5.8 MEDIUM 5.4 MEDIUM
Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page.
CVE-2020-5588 1 Cybozu 1 Garoon 2020-07-02 4.0 MEDIUM 4.9 MEDIUM
Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors.
CVE-2020-5581 1 Cybozu 1 Garoon 2020-07-02 4.0 MEDIUM 6.5 MEDIUM
Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.
CVE-2020-5585 1 Cybozu 1 Garoon 2020-07-02 3.5 LOW 4.8 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
CVE-2020-5586 1 Cybozu 1 Garoon 2020-07-02 3.5 LOW 4.8 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
CVE-2020-5572 1 Cybozu 1 Mailwise 2020-05-29 2.1 LOW 4.6 MEDIUM
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-5573 1 Cybozu 1 Kintone 2020-05-29 2.1 LOW 4.6 MEDIUM
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.
CVE-2020-5537 1 Cybozu 1 Desktop 2020-05-27 7.5 HIGH 9.8 CRITICAL
Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.
CVE-2020-5562 1 Cybozu 1 Garoon 2020-05-01 4.0 MEDIUM 4.9 MEDIUM
Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows a remote attacker with an administrative privilege to issue arbitrary HTTP requests to other web servers via V-CUBE Meeting function.
CVE-2020-5567 1 Cybozu 1 Garoon 2020-04-30 5.0 MEDIUM 7.5 HIGH
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu.
CVE-2020-5568 1 Cybozu 1 Garoon 2020-04-30 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'.
CVE-2020-5563 1 Cybozu 1 Garoon 2020-04-30 5.0 MEDIUM 5.3 MEDIUM
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in the affected product via the API.
CVE-2020-5565 1 Cybozu 1 Garoon 2020-04-30 4.0 MEDIUM 4.3 MEDIUM
Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'.
CVE-2020-5564 1 Cybozu 1 Garoon 2020-04-30 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'.
CVE-2019-6022 1 Cybozu 1 Office 2019-12-30 4.0 MEDIUM 6.5 MEDIUM
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.