Vulnerabilities > Cybozu > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-23304 | Untrusted Search Path vulnerability in Cybozu Kunai 3.0.20/3.0.21 Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations. | 7.5 |
| 2022-12-07 | CVE-2022-44608 | Resource Exhaustion vulnerability in Cybozu Remote Service 4.0.0/4.0.3 Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition. | 7.5 |
| 2022-07-11 | CVE-2022-30602 | Unspecified vulnerability in Cybozu Garoon Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files. | 8.1 |
| 2022-07-04 | CVE-2022-29484 | Unspecified vulnerability in Cybozu Garoon Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space. | 8.1 |
| 2021-10-13 | CVE-2021-20795 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Remote Service Manager 3.1.8/3.1.9 Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors. | 8.8 |
| 2021-08-18 | CVE-2021-20758 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors. | 8.0 |
| 2020-06-30 | CVE-2020-5584 | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors. | 7.5 |
| 2020-06-30 | CVE-2020-5580 | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors. | 8.1 |
| 2020-04-28 | CVE-2020-5567 | Improper Authentication vulnerability in Cybozu Garoon Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu. | 7.5 |
| 2019-09-12 | CVE-2019-5991 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 7.6 |