| CVE-2016-7833 |
high |
7.5 |
7.5 |
|
|
cybozu |
9y ago |
Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. |
| CVE-2016-7803 |
high |
8.8 |
8.8 |
|
|
cybozu |
9y ago |
SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. |
| CVE-2016-4907 |
high |
8.8 |
8.8 |
|
|
cybozu |
9y ago |
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors. |
| CVE-2016-1218 |
high |
8.8 |
8.8 |
|
|
cybozu |
9y ago |
SQL injection vulnerability in Cybozu Garoon before 4.2.2. |
| CVE-2016-1193 |
high |
7.5 |
7.5 |
|
|
cybozu |
10y ago |
Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors. |
| CVE-2016-1189 |
high |
8.1 |
8.1 |
|
|
cybozu |
10y ago |
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors. |
| CVE-2016-1195 |
high |
7.4 |
7.4 |
|
|
cybozu |
10y ago |
Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. |
| CVE-2016-1151 |
high |
8.8 |
8.8 |
|
|
cybozu |
10y ago |
Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users. |
| CVE-2015-8483 |
high |
7.4 |
7.4 |
|
|
cybozu |
10y ago |
Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. |
| CVE-2015-5647 |
high |
— |
8.5 |
|
|
cybozu |
11y ago |
The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866. |
| CVE-2015-5646 |
high |
— |
8.5 |
|
|
cybozu |
11y ago |
Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-863 and CyVDB-867. |
| CVE-2015-5649 |
high |
— |
7.0 |
|
|
cybozu |
11y ago |
Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended l… |
| CVE-2014-7266 |
high |
— |
7.8 |
|
|
cybozu |
12y ago |
Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service (CPU consumption) via vectors that trigg… |
| CVE-2014-1996 |
high |
— |
7.5 |
|
|
cybozu |
12y ago |
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call. |
| CVE-2014-1983 |
high |
— |
7.8 |
|
|
cybozu |
12y ago |
Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors. |
