Filtered by vendor Cybozu Subscriptions

Search

Switch to Advanced Search (Beta)
Total 326 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-4906 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.
CVE-2016-4907 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
CVE-2016-1217 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2.
CVE-2016-7801 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
CVE-2016-7803 1 Cybozu 1 Garoon 2025-04-20 N/A
SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.
CVE-2016-7815 1 Cybozu 1 Remote Service Manager 2025-04-20 N/A
Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network.
CVE-2016-1194 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service.
CVE-2016-1216 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2.
CVE-2016-1214 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2.
CVE-2017-2092 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-4869 1 Cybozu 1 Office 2025-04-20 N/A
Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session information via a page where CGI environment variables are displayed.
CVE-2016-1220 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon before 4.2.2 does not properly restrict access.
CVE-2016-1219 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use.
CVE-2016-4841 1 Cybozu 1 Mailwise 2025-04-20 N/A
Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.
CVE-2016-1186 1 Cybozu 1 Kintone 2025-04-20 N/A
Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates.
CVE-2016-4843 1 Cybozu 1 Mailwise 2025-04-20 N/A
Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.
CVE-2016-4865 1 Cybozu 1 Office 2025-04-20 N/A
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function.
CVE-2016-4866 1 Cybozu 1 Office 2025-04-20 N/A
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function.
CVE-2016-1215 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "User details" function in Cybozu Garoon before 4.2.2.
CVE-2016-1187 1 Cybozu 1 Kunai 2025-04-20 N/A
Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates.