12 matches found
CVE-2026-20711
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...
Cybozu Garoon 安全漏洞
Cybozu Garoon is a portal-based OA office system developed by Cybozu Corporation. This system provides functions such as portals, email, bookmarks, calendar management, bulletin boards, and file management. Versions of Cybozu Garoon from 5.0.0 to 6.0.3 have security vulnerabilities. These...
CVE-2025-68271
OpenC3 COSMOS (versions 5.0.0–6.10.1) has a critical remote code execution vulnerability exploitable via the JSON-RPC API. The flaw occurs when parsing attacker-controlled parameter text with String#convert_to_value; for array-like inputs, convert_to_value may execute eval(), allowing an unauthen...
PT-2024-24050 · Cybozu · Cybozu Garoon
Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 5.0.0 through 6.0.0 Description: The issue allows a remote authenticated attacker to alter and/or obtain the data of Memo due to an incorrect authorization vulnerability. Recommendations: For Cybozu Garoon versions 5.0....
UBUNTU-CVE-2023-33285
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server...
com.buession.cas:buession-cas-captcha (>=2.0.0 <=2.2.1), com.buession.cas:buession-cas-oauth (>=2.3.0 <=2.3.2) +240 more potentially affected by CVE-2021-42567 via org.apereo.cas:cas-server-core-web (>=5.0.0 <=6.4.1)
org.apereo.cas:cas-server-core-web MAVEN version =5.0.0, =2.0.0, =2.3.0, =1.1.0, =1.1.0, =2.3.0, =1.2.0, =1.1.0, =1.1.0, =5.0.0, =5.0.0, =6.3.1, =6.1.7, =6.3.1, =6.3.1, =6.3.10 and more Source cves: CVE-2021-42567 Source advisory: OSV:GHSA-GFHX-JJWQ-63GV...
IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-07327)
IBM Rational Quality Manager is the collaborative center for business-driven software and system quality across virtually any platform and any type of test. The software helps teams seamlessly share information, use automation to accelerate projects, and report metrics for targeted release...
IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-07326)
IBM Rational Quality Manager is the collaborative center for business-driven software and system quality across virtually any platform and any type of test. The software helps teams seamlessly share information, use automation to accelerate projects, and report metrics for targeted release...
IBM Rational Engineering Lifecycle Manager Information Disclosure Vulnerability (CNVD-2019-07358)
IBM Rational Engineering Lifecycle Manager is a product lifecycle management application that helps you visualize, analyze, and gain insight into engineering lifecycle data. An information disclosure vulnerability exists in IBM Rational Engineering Lifecycle Manager 5.0 - 6.0.6. A malicious user...
CVE-2018-1952
IBM Jazz Foundation IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2018-1658
IBM Jazz Foundation IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6 is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrar...
CVE-2018-1407
IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...