Filtered by vendor Cybozu Subscriptions
Filtered by product Garoon Subscriptions
Total 193 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-1194 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service.
CVE-2017-2254 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input
CVE-2016-1213 1 Cybozu 1 Garoon 2025-04-20 N/A
The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites.
CVE-2016-1217 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2.
CVE-2016-1214 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2.
CVE-2016-1215 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the "User details" function in Cybozu Garoon before 4.2.2.
CVE-2016-1218 1 Cybozu 1 Garoon 2025-04-20 N/A
SQL injection vulnerability in Cybozu Garoon before 4.2.2.
CVE-2016-1219 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use.
CVE-2016-4906 1 Cybozu 1 Garoon 2025-04-20 N/A
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.
CVE-2016-4907 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
CVE-2016-7801 1 Cybozu 1 Garoon 2025-04-20 N/A
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
CVE-2016-7802 1 Cybozu 1 Garoon 2025-04-20 N/A
Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
CVE-2016-1197 1 Cybozu 1 Garoon 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.
CVE-2014-1994 1 Cybozu 1 Garoon 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1193 1 Cybozu 1 Garoon 2025-04-12 N/A
Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors.
CVE-2016-1192 1 Cybozu 1 Garoon 2025-04-12 N/A
Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors.
CVE-2016-1190 1 Cybozu 1 Garoon 2025-04-12 N/A
Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.
CVE-2014-1992 1 Cybozu 1 Garoon 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1189 1 Cybozu 1 Garoon 2025-04-12 N/A
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors.
CVE-2016-1191 1 Cybozu 1 Garoon 2025-04-12 N/A
Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.