Lucene search
K

10 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/07/16 12:0 a.m.20 views

JVN#74825766: Cybozu Garoon vulnerable to cross-site scripting

Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting vulnerability in PDF preview CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the Software Update the software to the latest version according to the information provided by...

5.4CVSS5.3AI score0.00249EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/10/31 12:0 a.m.44 views

JVN#94132951: Cybozu Remote Service vulnerable to uncontrolled resource consumption

Cybozu Remote Service provided by Cybozu, Inc. is vulnerable to uncontrolled resource consumption CWE-400. Impact Certain operations performed by a logged-in user may lead to huge storage space consumption or significantly delayed communication. Solution Update the Software Update the software to...

6.5CVSS6.4AI score0.00616EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/12/17 12:0 a.m.66 views

JVN#79854355: Multiple vulnerabilities in Cybozu Office

Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Directory traversal in the "Customapp" function CWE-22 - CVE-2019-6022 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N| Base Score: 7.7 CVSS v2|...

6.5CVSS5.7AI score0.02021EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/11/28 12:0 a.m.28 views

JVN#20252219: kintone mobile for Android fails to verify SSL server certificates

kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates in WebView. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provid...

5.9CVSS5.5AI score0.00728EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/15 12:0 a.m.32 views

JVN#75990997: Cybozu Garoon vulnerable to access restriction bypass

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the function "Portlets", which may result in an access restriction bypass vulnerability CWE-264. Impact Portlets may be altered by another Cybozu Garoon user. Solution Update the Software Update to the lates...

4CVSS6.2AI score0.01107EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/04/18 12:0 a.m.34 views

JVN#00058727: Cybozu Remote Service Manager vulnerable to session fixation

Remote Service Manager provided by Cybozu,Inc. is a software to access on-premise systems such as Cybozu products via "Cybozu Remote Service". Remote Service Manager contains a session fixation vulnerability. Impact A remote, unauthenticated attacker may impersonate a registered user. As a result...

6.8CVSS6.5AI score0.01734EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/04/18 12:0 a.m.37 views

JVN#10319260: Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)

Remote Service Manager provided by Cybozu,Inc. is a software to access on-premise systems such as Cybozu products via "Cybozu Remote Service". Remote Service Manager contains a denial-of-service DoS vulnerability. Impact An attacker may cause a denial-of-service on a server that is installed Remo...

7.8CVSS6AI score0.02334EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/02/26 12:0 a.m.28 views

JVN#71045461: Cybozu Garoon vulnerable to SQL injection

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the process of downloading files, which may result in SQL injection. Impact A user who can log in to the system may obtain or alter information on the system. Solution For Cybozu Garoon 3.7: Apply the Patch...

6.5CVSS7.1AI score0.0104EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/10 12:0 a.m.41 views

JVN#21336955: Cybozu Dezie vulnerable to cross-site scripting

Cybozu Dezie provided by Cybozu, Inc. contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of a user that is logged on. Solution Update the Software Update to the latest version according to the information provided by the developer. Product...

4.3CVSS5.9AI score0.01284EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/03 12:0 a.m.40 views

JVN#84221103: Cybozu Garoon vulnerable to mail header injection

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a mail header injection vulnerability in the Phone Messages function. Impact If the function that forwards Phone Messages to an email address is configured, the header of the email to be forwarded may be altered. Solutio...

3.5CVSS6.5AI score0.00962EPSS
Exploits0
Rows per page
Query Builder