Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cybozu Subscribe
Total 311 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-5932 1 Cybozu 1 Garoon 2019-05-17 3.5 LOW 4.8 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'.
CVE-2019-5940 1 Cybozu 1 Garoon 2019-05-17 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'.
CVE-2019-5938 1 Cybozu 1 Garoon 2019-05-17 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'.
CVE-2019-5939 1 Cybozu 1 Garoon 2019-05-17 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'.
CVE-2019-5937 1 Cybozu 1 Garoon 2019-05-17 3.5 LOW 5.4 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information.
CVE-2019-5947 1 Cybozu 1 Garoon 2019-05-17 3.5 LOW 5.4 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
CVE-2019-5929 1 Cybozu 1 Garoon 2019-05-17 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the application 'Memo'.
CVE-2019-5928 1 Cybozu 1 Garoon 2019-05-17 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function.
CVE-2018-0705 1 Cybozu 1 Dezie 2019-01-15 7.5 HIGH 9.1 CRITICAL
Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests.
CVE-2018-0704 1 Cybozu 1 Office 2019-01-15 6.4 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen.
CVE-2018-0703 1 Cybozu 1 Office 2019-01-15 6.4 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests.
CVE-2018-0702 1 Cybozu 1 Mailwise 2019-01-15 6.4 MEDIUM 7.5 HIGH
Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 allows remote attackers to delete arbitrary files via unspecified vectors.
CVE-2018-16169 1 Cybozu 1 Remote Service Manager 2019-01-14 6.5 MEDIUM 8.8 HIGH
Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors.
CVE-2018-16171 2 Cybozu, Microsoft 2 Remote Service Manager, Windows 2019-01-14 6.8 MEDIUM 8.8 HIGH
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors.
CVE-2018-16170 2 Cybozu, Microsoft 2 Remote Service Manager, Windows 2019-01-14 6.5 MEDIUM 8.1 HIGH
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors.
CVE-2018-0673 1 Cybozu 1 Garoon 2018-12-14 5.5 MEDIUM 8.1 HIGH
Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to read arbitrary files via unspecified vectors.
CVE-2013-4703 1 Cybozu 1 Office 2018-10-30 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1153 1 Cybozu 1 Office 2018-10-30 6.8 MEDIUM 6.5 MEDIUM
customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489.
CVE-2018-0607 1 Cybozu 1 Garoon 2018-09-24 6.5 MEDIUM 8.8 HIGH
SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2018-0527 1 Cybozu 1 Office 2018-08-09 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.