Filtered by vendor Cybozu
Subscribe
Total
317 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-20755 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege. | |||||
CVE-2021-20756 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege. | |||||
CVE-2021-20766 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2021-20767 | 1 Cybozu | 1 Garoon | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2021-20770 | 1 Cybozu | 1 Garoon | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2021-20754 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege. | |||||
CVE-2021-20764 | 1 Cybozu | 1 Garoon | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files. | |||||
CVE-2021-20775 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege. | |||||
CVE-2021-20763 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege. | |||||
CVE-2021-20757 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | |||||
CVE-2021-20769 | 1 Cybozu | 1 Garoon | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2021-20774 | 1 Cybozu | 1 Garoon | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2021-20773 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege. | |||||
CVE-2021-20771 | 1 Cybozu | 1 Garoon | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||||
CVE-2021-20625 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows an authenticated attacker to bypass access restriction and alter the data of Bulletin Board via unspecified vectors. | |||||
CVE-2020-5643 | 1 Cybozu | 1 Garoon | 2023-12-10 | 5.5 MEDIUM | 6.5 MEDIUM |
Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector. | |||||
CVE-2021-20631 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Improper input validation vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attacker to alter the data of Custom App via unspecified vectors. | |||||
CVE-2021-20634 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper access control vulnerability in Custom App of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Custom App via unspecified vectors. | |||||
CVE-2021-20633 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the date of Cabinet via unspecified vectors. | |||||
CVE-2021-20626 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and alter the data of Workflow via unspecified vectors. |