Vulnerabilities > Cybozu

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-29	CVE-2017-2255	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space". network low complexity cybozu CWE-79	5.4
2017-08-29	CVE-2017-2254	Improper Input Validation vulnerability in Cybozu Garoon Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input network low complexity cybozu CWE-20	4.9
2017-07-07	CVE-2017-2172	Cross-site Scripting vulnerability in Cybozu Kunai Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity cybozu CWE-79	6.1
2017-07-07	CVE-2017-2146	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu. network low complexity cybozu CWE-79	4.8
2017-07-07	CVE-2017-2145	Session Fixation vulnerability in Cybozu Garoon Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors. network low complexity cybozu CWE-384	5.4
2017-07-07	CVE-2017-2144	Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page. network low complexity cybozu	5.4
2017-06-09	CVE-2016-7833	Improper Access Control vulnerability in Cybozu Dezie Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. network low complexity cybozu CWE-284	7.5
2017-06-09	CVE-2016-7832	Information Exposure vulnerability in Cybozu Dezie Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. network low complexity cybozu CWE-200	5.3
2017-06-09	CVE-2016-7816	Improper Certificate Validation vulnerability in Cybozu Kintone The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. network high complexity cybozu CWE-295	5.9
2017-06-09	CVE-2016-7803	SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. network low complexity cybozu CWE-89	8.8

Vulnerabilities > Cybozu {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cybozu"}]}

Vulnerabilities > Cybozu