Page 30 of 318 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0528

https://notcve.org/view.php?id=CVE-2018-0528

Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors. Cybozu Garoon, de la versión 10.0.0 a la 10.7.0, permite que los atacantes autenticados omitan la autenticación para ver los horarios a los que no se les permite acceder mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/9812 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-287: Improper Authentication •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0566

https://notcve.org/view.php?id=CVE-2018-0566

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors. Cybozu Office, de la versión 10.0.0 a la 10.8.0, permite que los atacantes autenticados omitan la autenticación para obtener los horarios sin el privilegio de acceso mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10195 • CWE-269: Improper Privilege Management •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0557

https://notcve.org/view.php?id=CVE-2018-0557

Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) persistente en Cybozu Mailwise, de la versión 5.0.0 a la 5.4.1, permite que atacantes remotos autenticados inyecte scripts web o HTML "E-mail Details Screen" arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN52319657/index.html https://support.cybozu.com/ja-jp/article/10194 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0529

https://notcve.org/view.php?id=CVE-2018-0529

Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors. Cybozu Office, de la versión 10.0.0 a la 10.7.0, permite que los atacantes remotos provoquen una denegación de servicio (DoS) mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10052 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0565

https://notcve.org/view.php?id=CVE-2018-0565

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Cybozu Office, de la versión 10.0.0 a la 10.8.0, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10200 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •