Cybozu

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-2172 1Cybozu 1Kunai May 13, 2026 Jul 7, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-2146 1Cybozu 1Garoon May 13, 2026 Jul 7, 2017 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu.
CVE-2017-2145 1Cybozu 1Garoon May 13, 2026 Jul 7, 2017 N/A· v4 5.4 MEDIUM· v3 5.8 MEDIUM· v2 Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors.
CVE-2017-2144 1Cybozu 1Garoon May 13, 2026 Jul 7, 2017 N/A· v4 5.4 MEDIUM· v3 5.8 MEDIUM· v2 Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page.
CVE-2016-7833 1Cybozu 1Dezie May 13, 2026 Jun 9, 2017 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
CVE-2016-7832 1Cybozu 1Dezie May 13, 2026 Jun 9, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
CVE-2016-7816 1Cybozu 1Kintone May 13, 2026 Jun 9, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certif...Show more The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.Show less
CVE-2016-7803 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.
CVE-2016-7802 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
CVE-2016-7801 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
CVE-2016-4910 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors.
CVE-2016-4909 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.
CVE-2016-4908 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.
CVE-2016-4907 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
CVE-2016-4906 1Cybozu 1Garoon May 13, 2026 Jun 9, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.
CVE-2017-2116 1Cybozu 1Office May 13, 2026 Apr 28, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors.
CVE-2017-2115 1Cybozu 1Office May 13, 2026 Apr 28, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.
CVE-2017-2114 1Cybozu 1Office May 13, 2026 Apr 28, 2017 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-2109 1Cybozu 1Kunai May 13, 2026 Apr 28, 2017 N/A· v4 2.5 LOW· v3 2.6 LOW· v2 Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application.
CVE-2017-2095 1Cybozu 1Garoon May 13, 2026 Apr 28, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.

Previous 1...91011...17 Next