Vulnerabilities > Cybozu

DATE CVE VULNERABILITY TITLE RISK
2024-08-06 CVE-2024-39817 Unspecified vulnerability in Cybozu Office
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App.
network
low complexity
cybozu
6.5
2024-07-19 CVE-2024-39457 Cross-site Scripting vulnerability in Cybozu Garoon 6.0.0/6.0.1
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview.
network
low complexity
cybozu CWE-79
5.4
2024-06-11 CVE-2024-31398 Unspecified vulnerability in Cybozu Garoon
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2.
network
low complexity
cybozu
4.3
2024-06-11 CVE-2024-31399 Unspecified vulnerability in Cybozu Garoon
Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2.
network
low complexity
cybozu
6.5
2024-06-11 CVE-2024-31402 Incorrect Authorization vulnerability in Cybozu Garoon
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
network
low complexity
cybozu CWE-863
4.3
2024-02-06 CVE-2024-23304 Untrusted Search Path vulnerability in Cybozu Kunai 3.0.20/3.0.21
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations.
network
low complexity
cybozu CWE-426
7.5
2023-11-01 CVE-2023-46278 Resource Exhaustion vulnerability in Cybozu Remote Service 4.1.0
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication.
network
low complexity
cybozu CWE-400
6.5
2023-08-03 CVE-2022-26838 Path Traversal vulnerability in Cybozu Remote Service Manager 3.1.2
Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition.
network
low complexity
cybozu CWE-22
6.5
2023-05-23 CVE-2023-26595 Resource Exhaustion vulnerability in Cybozu Garoon
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
network
low complexity
cybozu CWE-400
6.5
2023-05-23 CVE-2023-27304 Unspecified vulnerability in Cybozu Garoon
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
network
low complexity
cybozu
4.3