Total
70 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-20632 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Bulletin Board via unspecified vectors. | |||||
CVE-2021-20630 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Phone Messages via unspecified vectors. | |||||
CVE-2021-20627 | 1 Cybozu | 1 Office | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. | |||||
CVE-2019-6023 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. | |||||
CVE-2019-6022 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. | |||||
CVE-2018-0703 | 1 Cybozu | 1 Office | 2023-12-10 | 6.4 MEDIUM | 7.5 HIGH |
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests. | |||||
CVE-2018-0704 | 1 Cybozu | 1 Office | 2023-12-10 | 6.4 MEDIUM | 7.5 HIGH |
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen. | |||||
CVE-2018-0529 | 1 Cybozu | 1 Office | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
CVE-2018-0567 | 1 Cybozu | 1 Office | 2023-12-10 | 6.5 MEDIUM | 6.3 MEDIUM |
Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass access restriction to access and write non-public data via unspecified vectors. | |||||
CVE-2018-0527 | 1 Cybozu | 1 Office | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2018-0566 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors. | |||||
CVE-2018-0565 | 1 Cybozu | 1 Office | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2018-0528 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors. | |||||
CVE-2018-0526 | 1 Cybozu | 1 Office | 2023-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors. | |||||
CVE-2017-10857 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function. | |||||
CVE-2016-4870 | 1 Cybozu | 1 Office | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function. | |||||
CVE-2016-4871 | 1 Cybozu | 1 Office | 2023-12-10 | 6.8 MEDIUM | 6.5 MEDIUM |
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service. | |||||
CVE-2016-4865 | 1 Cybozu | 1 Office | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function. | |||||
CVE-2016-4873 | 1 Cybozu | 1 Office | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function. | |||||
CVE-2016-4866 | 1 Cybozu | 1 Office | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function. |