Vulnerabilities (CVE)

Filtered by vendor Cybozu Subscribe
Filtered by product Office
Total 71 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7798 1 Cybozu 1 Office 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150.
CVE-2015-7797 1 Cybozu 1 Office 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
CVE-2015-7796 1 Cybozu 1 Office 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
CVE-2015-7795 1 Cybozu 1 Office 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
CVE-2014-5314 1 Cybozu 3 Dezie, Mailwise, Office 2024-11-21 9.0 HIGH N/A
Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.
CVE-2013-4703 1 Cybozu 1 Office 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2677 1 Cybozu 1 Office 2024-11-21 5.5 MEDIUM N/A
Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL.
CVE-2011-1335 1 Cybozu 1 Office 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions."
CVE-2011-1334 1 Cybozu 5 Collaborex, Dezie, Garoon and 2 more 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system."
CVE-2011-1333 1 Cybozu 2 Garoon, Office 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."
CVE-2024-39817 1 Cybozu 1 Office 2024-09-11 N/A 6.5 MEDIUM
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App.