Cybozu Security Vulnerabilities
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded...
6.4AI Score
0.0004EPSS
Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS)...
6.8AI Score
0.0004EPSS
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the data of...
6.6AI Score
0.0004EPSS
Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the...
6.4AI Score
0.0004EPSS
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of...
6.6AI Score
0.0004EPSS
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of...
6.4AI Score
0.0004EPSS
Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS)...
6.7AI Score
0.0004EPSS
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared...
6.8AI Score
0.0004EPSS
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain...
7.5CVSS
7.4AI Score
0.001EPSS
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed...
6.5CVSS
6.2AI Score
0.001EPSS
Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS)...
6.5CVSS
6.2AI Score
0.001EPSS
Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified...
4.3CVSS
4.5AI Score
0.001EPSS
Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of...
4.3CVSS
4.4AI Score
0.001EPSS
Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of...
8.1CVSS
7.7AI Score
0.002EPSS
Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the...
5.3CVSS
5.7AI Score
0.001EPSS
Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing...
6.5CVSS
6.2AI Score
0.001EPSS
Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to disable to add...
4.3CVSS
4.7AI Score
0.001EPSS
Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified...
4.3CVSS
4.7AI Score
0.001EPSS
Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remote authenticated attacker to alter the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Address Book via unspecified...
4.3CVSS
4.6AI Score
0.001EPSS
Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of...
5.4CVSS
5.6AI Score
0.001EPSS
Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of...
4.3CVSS
4.7AI Score
0.001EPSS
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service...
6.5CVSS
6.4AI Score
0.001EPSS
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or...
4.3CVSS
4.4AI Score
0.001EPSS
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service...
6.5CVSS
6.1AI Score
0.001EPSS
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of...
4.3CVSS
4.4AI Score
0.001EPSS
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS)...
7.5CVSS
7.2AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject arbitrary web script or HTML via an HTML...
6AI Score
0.002EPSS
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file:...
7.2AI Score
0.006EPSS
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web...
7.3AI Score
0.004EPSS
The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file:...
7.4AI Score
0.002EPSS
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web...
7.1AI Score
0.004EPSS
The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file:...
7.3AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...
5.7AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files...
5.7AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list...
5.7AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board...
5.7AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.8AI Score
0.001EPSS
SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging...
8.2AI Score
0.002EPSS
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change...
7.3AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.8AI Score
0.001EPSS
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own...
6.3AI Score
0.002EPSS
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008...
7.1AI Score
0.018EPSS
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because.....
6.9AI Score
0.006EPSS
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified...
6.1CVSS
6AI Score
0.001EPSS