Vulnerabilities > Cybozu
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-21 | CVE-2016-1186 | Improper Certificate Validation vulnerability in Cybozu Kintone Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates. | 4.3 |
| 2017-04-21 | CVE-2016-4841 | Improper Input Validation vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers. | 4.3 |
| 2017-04-21 | CVE-2016-1194 | Resource Management Errors vulnerability in Cybozu Garoon 4.2.0 Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service. | 4.0 |
| 2017-04-20 | CVE-2016-4844 | Information Exposure vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks. | 4.3 |
| 2017-04-20 | CVE-2016-4843 | Information Exposure vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information. | 4.3 |
| 2017-04-20 | CVE-2016-4842 | Information Exposure vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read. | 4.3 |
| 2017-04-20 | CVE-2016-1220 | Improper Access Control vulnerability in Cybozu Garoon Cybozu Garoon before 4.2.2 does not properly restrict access. | 4.0 |
| 2017-04-20 | CVE-2016-1218 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in Cybozu Garoon before 4.2.2. | 6.5 |
| 2017-04-20 | CVE-2016-1217 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2. | 4.3 |
| 2017-04-20 | CVE-2016-1216 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in the "New appointment" function in Cybozu Garoon before 4.2.2. | 4.3 |