Filtered by vendor Cybozu
Subscribe
Total
317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4841 | 1 Cybozu | 1 Mailwise | 2017-04-27 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers. | |||||
| CVE-2016-1194 | 1 Cybozu | 1 Garoon | 2017-04-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service. | |||||
| CVE-2016-1186 | 1 Cybozu | 1 Kintone | 2017-04-26 | 4.3 MEDIUM | 5.9 MEDIUM |
| Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates. | |||||
| CVE-2016-1219 | 1 Cybozu | 1 Garoon | 2017-04-25 | 7.5 HIGH | 9.8 CRITICAL |
| Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use. | |||||
| CVE-2016-4842 | 1 Cybozu | 1 Mailwise | 2017-04-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read. | |||||
| CVE-2016-4844 | 1 Cybozu | 1 Mailwise | 2017-04-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks. | |||||
| CVE-2016-1220 | 1 Cybozu | 1 Garoon | 2017-04-25 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Garoon before 4.2.2 does not properly restrict access. | |||||
| CVE-2016-1218 | 1 Cybozu | 1 Garoon | 2017-04-25 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in Cybozu Garoon before 4.2.2. | |||||
| CVE-2016-1217 | 1 Cybozu | 1 Garoon | 2017-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2. | |||||
| CVE-2016-1216 | 1 Cybozu | 1 Garoon | 2017-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2. | |||||
| CVE-2016-1215 | 1 Cybozu | 1 Garoon | 2017-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the "User details" function in Cybozu Garoon before 4.2.2. | |||||
| CVE-2016-1214 | 1 Cybozu | 1 Garoon | 2017-04-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2. | |||||
| CVE-2016-1213 | 1 Cybozu | 1 Garoon | 2017-04-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites. | |||||
| CVE-2016-4843 | 1 Cybozu | 1 Mailwise | 2017-04-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information. | |||||
| CVE-2016-4874 | 1 Cybozu | 1 Office | 2017-04-20 | 3.5 LOW | 3.5 LOW |
| Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack. | |||||
| CVE-2016-4871 | 1 Cybozu | 1 Office | 2017-04-20 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service. | |||||
| CVE-2016-1185 | 1 Cybozu | 1 Kintone | 2017-03-15 | 2.6 LOW | 2.5 LOW |
| The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application. | |||||
| CVE-2016-1193 | 1 Cybozu | 1 Garoon | 2016-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors. | |||||
| CVE-2016-1190 | 1 Cybozu | 1 Garoon | 2016-06-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors. | |||||
| CVE-2016-1189 | 1 Cybozu | 1 Garoon | 2016-06-27 | 5.5 MEDIUM | 8.1 HIGH |
| Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors. | |||||