VYPR

Garoon

by Cybozu

CVEs (200)

  • CVE-2021-20760Aug 18, 2021
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege.

  • CVE-2021-20759Aug 18, 2021
    risk 0.00cvss epss 0.01

    Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege.

  • CVE-2021-20758Aug 18, 2021
    risk 0.00cvss epss 0.00

    Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors.

  • CVE-2021-20757Aug 18, 2021
    risk 0.00cvss epss 0.01

    Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege.

  • CVE-2021-20756Aug 18, 2021
    risk 0.00cvss epss 0.01

    Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege.

  • CVE-2021-20755Aug 18, 2021
    risk 0.00cvss epss 0.01

    Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege.

  • CVE-2021-20754Aug 18, 2021
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege.

  • CVE-2021-20753Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2020-5643Nov 6, 2020
    risk 0.00cvss epss 0.02

    Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector.

  • CVE-2020-5588Jun 30, 2020
    risk 0.00cvss epss 0.01

    Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors.

  • CVE-2020-5587Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors.

  • CVE-2020-5585Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

  • CVE-2020-5586Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

  • CVE-2020-5583Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors.

  • CVE-2020-5584Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors.

  • CVE-2020-5581Jun 30, 2020
    risk 0.00cvss epss 0.02

    Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.

  • CVE-2020-5582Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors.

  • CVE-2020-5580Jun 30, 2020
    risk 0.00cvss epss 0.01

    Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.

  • CVE-2020-5568Apr 28, 2020
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'.

  • CVE-2020-5567Apr 28, 2020
    risk 0.00cvss epss 0.01

    Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu.

Page 6 of 10