← Back

Cybozu

cybozu

330 CVEs • 21 products

Products (21)

Click to collapse
Toggle
Garoon
garoon
198 CVEs
Office
office
71 CVEs
Remote Service Manager
remote_service_manager
22 CVEs
Mailwise
mailwise
14 CVEs
Cybozu Office
cybozu_office
7 CVEs
Dezie
dezie
6 CVEs
Kunai
kunai
6 CVEs
Cybozu Live
cybozu_live
4 CVEs
Kintone
kintone
4 CVEs
Collaborex
collaborex
2 CVEs
Cybozu Dezie
cybozu_dezie
2 CVEs
Cybozu Remote Service
cybozu_remote_service
2 CVEs
Share360
share360
1 CVE
Share 360
share_360
1 CVE
Cybozu Ag
cybozu_ag
1 CVE
Cybozu Pocket
cybozu_pocket
1 CVE
Garoon 1
garoon_1
1 CVE
Cybozu Garoon
cybozu_garoon
1 CVE
Cybozu Dotsales
cybozu_dotsales
1 CVE
Kunai Browser For Remote Service
kunai_browser_for_remote_service
1 CVE
Desktop
desktop
1 CVE

CVEs (330)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-2094
1Cybozu
1Garoon
May 13, 2026
Apr 28, 2017
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors.
CVE-2017-2093
1Cybozu
1Garoon
May 13, 2026
Apr 28, 2017
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens used for CSRF protection via unspecified vectors.
CVE-2017-2092
1Cybozu
1Garoon
May 13, 2026
Apr 28, 2017
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-2091
1Cybozu
1Garoon
May 13, 2026
Apr 28, 2017
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors.
CVE-2016-7815
1Cybozu
1Remote Service Manager
May 13, 2026
Apr 28, 2017
N/A· v4
4.2 MEDIUM· v3
4.9 MEDIUM· v2
Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.
CVE-2016-1187
1Cybozu
1Kunai
May 13, 2026
Apr 21, 2017
N/A· v4
6.8 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates.
CVE-2016-1186
1Cybozu
1Kintone
May 13, 2026
Apr 21, 2017
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates.
CVE-2016-4841
1Cybozu
1Mailwise
May 13, 2026
Apr 21, 2017
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.
CVE-2016-1194
1Cybozu
1Garoon
May 13, 2026
Apr 21, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service.
CVE-2016-4844
1Cybozu
1Mailwise
May 13, 2026
Apr 20, 2017
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.
CVE-2016-4843
1Cybozu
1Mailwise
May 13, 2026
Apr 20, 2017
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.
CVE-2016-4842
1Cybozu
1Mailwise
May 13, 2026
Apr 20, 2017
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read.
CVE-2016-1220
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Cybozu Garoon before 4.2.2 does not properly restrict access.
CVE-2016-1218
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
SQL injection vulnerability in Cybozu Garoon before 4.2.2.
CVE-2016-1217
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2.
CVE-2016-1216
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2.
CVE-2016-1215
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the "User details" function in Cybozu Garoon before 4.2.2.
CVE-2016-1214
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2.
CVE-2016-1213
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites.
CVE-2016-1219
1Cybozu
1Garoon
May 13, 2026
Apr 20, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use.