← Back

Cybozu

cybozu

330 CVEs • 21 products

Products (21)

Click to collapse
Toggle
Garoon
garoon
198 CVEs
Office
office
71 CVEs
Remote Service Manager
remote_service_manager
22 CVEs
Mailwise
mailwise
14 CVEs
Cybozu Office
cybozu_office
7 CVEs
Dezie
dezie
6 CVEs
Kunai
kunai
6 CVEs
Cybozu Live
cybozu_live
4 CVEs
Kintone
kintone
4 CVEs
Collaborex
collaborex
2 CVEs
Cybozu Dezie
cybozu_dezie
2 CVEs
Cybozu Remote Service
cybozu_remote_service
2 CVEs
Share360
share360
1 CVE
Share 360
share_360
1 CVE
Cybozu Ag
cybozu_ag
1 CVE
Cybozu Pocket
cybozu_pocket
1 CVE
Garoon 1
garoon_1
1 CVE
Cybozu Garoon
cybozu_garoon
1 CVE
Cybozu Dotsales
cybozu_dotsales
1 CVE
Kunai Browser For Remote Service
kunai_browser_for_remote_service
1 CVE
Desktop
desktop
1 CVE

CVEs (330)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-0558
1Cybozu
1Mailwise
Nov 21, 2024
Jun 26, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors.
CVE-2018-0557
1Cybozu
1Mailwise
Nov 21, 2024
Jun 26, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors.
CVE-2018-0529
1Cybozu
1Office
Nov 21, 2024
Jun 26, 2018
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2018-0528
1Cybozu
1Office
Nov 21, 2024
Jun 26, 2018
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors.
CVE-2018-0527
1Cybozu
1Office
Nov 21, 2024
Jun 26, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0526
1Cybozu
1Office
Nov 21, 2024
Jun 26, 2018
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors.
CVE-2018-0551
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0550
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors.
CVE-2018-0549
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0548
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
4.3 MEDIUM· v3
5.0 MEDIUM· v2
Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors.
CVE-2018-0533
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of session authentication via unspecified vectors.
CVE-2018-0532
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
2.7 LOW· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors.
CVE-2018-0531
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors.
CVE-2018-0530
1Cybozu
1Garoon
Nov 21, 2024
Apr 16, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2017-10857
1Cybozu
1Office
May 13, 2026
Oct 12, 2017
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.
CVE-2017-2258
1Cybozu
1Garoon
May 13, 2026
Aug 29, 2017
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".
CVE-2017-2257
1Cybozu
1Garoon
May 13, 2026
Aug 29, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function.
CVE-2017-2256
1Cybozu
1Garoon
May 13, 2026
Aug 29, 2017
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo".
CVE-2017-2255
1Cybozu
1Garoon
May 13, 2026
Aug 29, 2017
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space".
CVE-2017-2254
1Cybozu
1Garoon
May 13, 2026
Aug 29, 2017
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input