Vulnerabilities > Cybozu > Garoon > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-30602 | Unspecified vulnerability in Cybozu Garoon Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. | 8.1 |
| 2022-07-04 | CVE-2022-29484 | Unspecified vulnerability in Cybozu Garoon Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space. | 8.1 |
| 2021-08-18 | CVE-2021-20758 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors. | 8.0 |
| 2020-06-30 | CVE-2020-5584 | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors. | 7.5 |
| 2020-06-30 | CVE-2020-5580 | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors. | 8.1 |
| 2020-04-28 | CVE-2020-5567 | Improper Authentication vulnerability in Cybozu Garoon Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu. | 7.5 |
| 2019-09-12 | CVE-2019-5991 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 7.6 |
| 2019-05-17 | CVE-2019-5934 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'. | 7.2 |
| 2019-05-17 | CVE-2019-5931 | Improper Input Validation vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter the information with privileges invoking the installer via unspecified vectors. | 8.7 |
| 2019-01-09 | CVE-2018-16178 | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access restriction to view information available only for a sign-on user via Single sign-on function. | 7.5 |