Cybozu : Security Vulnerabilities, CVEs,
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations.
Max CVSS
7.5
EPSS Score
0.08%
Published
2024-02-06
Updated
2024-02-13
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-11-01
Updated
2023-11-08
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-05-23
Updated
2023-05-30
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-05-23
Updated
2023-05-31
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-05-23
Updated
2023-05-31
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition.
Max CVSS
7.5
EPSS Score
0.17%
Published
2022-12-07
Updated
2022-12-09
Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Address Book via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-08-18
Updated
2022-08-19
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.10%
Published
2022-08-18
Updated
2022-08-19
Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-08-18
Updated
2022-08-19
Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-08-18
Updated
2022-08-19
HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.13%
Published
2022-08-18
Updated
2022-08-19
Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-08-18
Updated
2022-08-19
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-11
Updated
2022-07-15
Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-11
Updated
2022-07-15
Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obtain the data of the product via unspecified vectors.
Max CVSS
5.3
EPSS Score
0.13%
Published
2022-08-18
Updated
2022-08-19
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.10%
Published
2022-08-18
Updated
2022-08-19
Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-11
Updated
2022-07-15
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS).
Max CVSS
6.5
EPSS Score
0.14%
Published
2022-07-04
Updated
2022-07-12
Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Custom App via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-08-18
Updated
2022-08-19
Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary script.
Max CVSS
4.8
EPSS Score
0.07%
Published
2022-07-04
Updated
2022-07-12
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
Max CVSS
6.5
EPSS Score
0.09%
Published
2022-07-11
Updated
2022-07-15
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.10%
Published
2022-08-18
Updated
2022-08-19
Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-04
Updated
2022-07-12
Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of Address.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12