← Back

Cybozu

cybozu

330 CVEs • 21 products

Products (21)

Click to collapse
Toggle
Garoon
garoon
198 CVEs
Office
office
71 CVEs
Remote Service Manager
remote_service_manager
22 CVEs
Mailwise
mailwise
14 CVEs
Cybozu Office
cybozu_office
7 CVEs
Dezie
dezie
6 CVEs
Kunai
kunai
6 CVEs
Cybozu Live
cybozu_live
4 CVEs
Kintone
kintone
4 CVEs
Collaborex
collaborex
2 CVEs
Cybozu Dezie
cybozu_dezie
2 CVEs
Cybozu Remote Service
cybozu_remote_service
2 CVEs
Share360
share360
1 CVE
Share 360
share_360
1 CVE
Cybozu Ag
cybozu_ag
1 CVE
Cybozu Pocket
cybozu_pocket
1 CVE
Garoon 1
garoon_1
1 CVE
Cybozu Garoon
cybozu_garoon
1 CVE
Cybozu Dotsales
cybozu_dotsales
1 CVE
Kunai Browser For Remote Service
kunai_browser_for_remote_service
1 CVE
Desktop
desktop
1 CVE

CVEs (330)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2013-6002
1Cybozu
1Garoon
Apr 29, 2026
Dec 5, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
CVE-2013-6001
1Cybozu
1Garoon
Apr 29, 2026
Dec 5, 2013
N/A· v4
N/A· v3
6.5 MEDIUM· v2
SQL injection vulnerability in the Space function in Cybozu Garoon before 3.7 SP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4703
1Cybozu
1Office
Apr 29, 2026
Sep 10, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4698
1Cybozu
1Mailwise
Apr 29, 2026
Aug 16, 2013
N/A· v4
N/A· v3
3.5 LOW· v2
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mai...Show more
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox.Show less
CVE-2013-3656
1Cybozu
1Cybozu Office
Apr 29, 2026
Jul 20, 2013
N/A· v4
N/A· v3
5.8 MEDIUM· v2
Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to bypass authentication by leveraging knowledge of a login URL.
CVE-2013-3647
1Cybozu
1Cybozu Live
Apr 29, 2026
Jun 18, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a lo...Show more
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because of a CVE-2012-4009 regression.Show less
CVE-2013-3646
1Cybozu
1Cybozu Live
Apr 29, 2026
Jun 18, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerabi...Show more
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression.Show less
CVE-2013-3269
1Cybozu
1Cybozu Office
Apr 29, 2026
Apr 25, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 allows remote attackers to hijack the authentication of arbitrary users for requests that change mobile passwords, a diff...Show more
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 allows remote attackers to hijack the authentication of arbitrary users for requests that change mobile passwords, a different vulnerability than CVE-2013-2305.Show less
CVE-2013-2305
1Cybozu
3Cybozu Dezie
Cybozu OfficeMailwise
Apr 29, 2026
Apr 25, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbi...Show more
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.Show less
CVE-2013-0702
1Cybozu
1Garoon
Apr 29, 2026
Feb 14, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0701
1Cybozu
1Garoon
Apr 29, 2026
Feb 14, 2013
N/A· v4
N/A· v3
6.0 MEDIUM· v2
SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.
CVE-2012-4013
1Cybozu
1Kunai Browser For Remote Service
Apr 29, 2026
Sep 14, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that...Show more
The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.Show less
CVE-2012-4012
1Cybozu
1Kunai
Apr 29, 2026
Sep 8, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code i...Show more
The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.Show less
CVE-2012-4011
1Cybozu
1Kunai
Apr 29, 2026
Sep 8, 2012
N/A· v4
N/A· v3
9.3 HIGH· v2
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
CVE-2012-4009
1Cybozu
1Cybozu Live
Apr 29, 2026
Aug 31, 2012
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this co...Show more
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.Show less
CVE-2012-4008
1Cybozu
1Cybozu Live
Apr 29, 2026
Aug 31, 2012
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
CVE-2011-2677
1Cybozu
1Office
Apr 29, 2026
Oct 21, 2011
N/A· v4
N/A· v3
5.5 MEDIUM· v2
Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL.
CVE-2011-1335
1Cybozu
1Office
Apr 29, 2026
Jun 29, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions."
CVE-2011-1334
1Cybozu
5Collaborex
DezieGaroon+2 more
Apr 29, 2026
Jun 29, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbi...Show more
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system."Show less
CVE-2011-1333
1Cybozu
2Garoon
Office
Apr 29, 2026
Jun 29, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the...Show more
Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."Show less