Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office
(Cybozu)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 71 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-01-09 | CVE-2018-0703 | Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests. | Office | 7.5 | ||
2018-06-26 | CVE-2018-0567 | Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass access restriction to access and write non-public data via unspecified vectors. | Office | 6.3 | ||
2018-06-26 | CVE-2018-0566 | Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors. | Office | 4.3 | ||
2018-06-26 | CVE-2018-0565 | Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Office | 6.1 | ||
2018-06-26 | CVE-2018-0529 | Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors. | Office | 4.3 | ||
2018-06-26 | CVE-2018-0528 | Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors. | Office | 4.3 | ||
2018-06-26 | CVE-2018-0527 | Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Office | 6.1 | ||
2018-06-26 | CVE-2018-0526 | Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors. | Office | 4.3 | ||
2017-04-28 | CVE-2017-2114 | Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | Office | 5.4 | ||
2017-04-17 | CVE-2016-4874 | Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack. | Office | 3.5 |