Vulnerabilities > Cybozu > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-26 | CVE-2018-0607 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2018-04-16 | CVE-2018-0530 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7833 | Improper Access Control vulnerability in Cybozu Dezie Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | 7.5 |
| 2017-06-09 | CVE-2016-7803 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. | 8.8 |
| 2017-06-09 | CVE-2016-4907 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors. | 8.8 |
| 2017-04-20 | CVE-2016-1218 | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in Cybozu Garoon before 4.2.2. | 8.8 |
| 2016-06-25 | CVE-2016-1193 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors. | 7.5 |
| 2016-06-25 | CVE-2016-1189 | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors. | 8.1 |
| 2016-06-19 | CVE-2016-1195 | Unspecified vulnerability in Cybozu Garoon Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | 7.4 |
| 2016-02-17 | CVE-2016-1151 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Office Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users. | 8.8 |