Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cybozu garoon 3.5.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1987
The CGI component in Cybozu Garoon 3.1.0 up to and including 3.7 SP3 allows remote malicious users to execute arbitrary commands via unspecified vectors.
Cybozu Garoon 3.7
Cybozu Garoon 3.5.5
Cybozu Garoon 3.5.0
Cybozu Garoon 3.1.3
Cybozu Garoon 3.1.2
Cybozu Garoon 3.1.1
Cybozu Garoon 3.5.4
Cybozu Garoon 3.5.2
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.1
Cybozu Garoon 3.1.0
NA
CVE-2014-1992
Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x prior to 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 3.5.5
Cybozu Garoon 3.7
Cybozu Garoon 3.1.0
Cybozu Garoon 3.1.1
Cybozu Garoon 3.1.2
Cybozu Garoon 3.1.3
Cybozu Garoon 3.5.0
Cybozu Garoon 3.5.2
Cybozu Garoon 3.5.4
Cybozu Garoon 3.5.1
Cybozu Garoon 3.5.3
NA
CVE-2014-1989
Cybozu Garoon 3.0 up to and including 3.7 SP3 allows remote authenticated users to bypass intended access restrictions and delete schedule information via unspecified API calls.
Cybozu Garoon 3.0.0
Cybozu Garoon 3.0.1
Cybozu Garoon 3.0.2
Cybozu Garoon 3.7
Cybozu Garoon 3.7.0
Cybozu Garoon 3.7.1
Cybozu Garoon 3.7.2
Cybozu Garoon 3.1.0
Cybozu Garoon 3.1.2
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.5
Cybozu Garoon 3.1.3
Cybozu Garoon 3.5.0
Cybozu Garoon 3.5.1
Cybozu Garoon 3.5.2
Cybozu Garoon 3.0.3
Cybozu Garoon 3.1.1
Cybozu Garoon 3.5.4
4.9
CVSSv3
CVE-2017-2254
Cybozu Garoon 3.5.0 to 4.2.5 allows an malicious user to cause a denial of service in the application menu's edit function via specially crafted input
Cybozu Garoon 4.2.3
Cybozu Garoon 4.2.4
Cybozu Garoon 4.2.5
Cybozu Garoon 3.5.0
Cybozu Garoon 4.2.1
Cybozu Garoon 3.5.5
Cybozu Garoon 3.7.0
Cybozu Garoon 3.7.1
Cybozu Garoon 3.7.2
Cybozu Garoon 4.0.3
Cybozu Garoon 3.5.2
Cybozu Garoon 3.5.4
Cybozu Garoon 3.7.4
Cybozu Garoon 4.0.1
Cybozu Garoon 4.2.0
Cybozu Garoon 3.7.3
Cybozu Garoon 4.2.2
Cybozu Garoon 3.5.1
Cybozu Garoon 3.5.3
Cybozu Garoon 3.7.5
Cybozu Garoon 4.0.2
6.5
CVSSv3
CVE-2016-1188
Cybozu Garoon 3.x and 4.x prior to 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors.
Cybozu Garoon 4.2.0
Cybozu Garoon 4.0.3
Cybozu Garoon 4.0.2
Cybozu Garoon 4.0.1
Cybozu Garoon 3.5.0
Cybozu Garoon 3.1.3
Cybozu Garoon 3.1.2
Cybozu Garoon 3.1.1
Cybozu Garoon 3.7.2
Cybozu Garoon 3.7.1
Cybozu Garoon 3.7.0
Cybozu Garoon 3.5.5
Cybozu Garoon 4.0.0
Cybozu Garoon 3.7.4
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.1
Cybozu Garoon 3.1.0
Cybozu Garoon 3.7.5
Cybozu Garoon 3.7.3
Cybozu Garoon 3.5.4
Cybozu Garoon 3.5.2
NA
CVE-2015-5649
Cybozu Garoon 3.x up to and including 3.7.5 and 4.x up to and including 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by lev...
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.4
Cybozu Garoon 3.5.5
Cybozu Garoon 3.7
Cybozu Garoon 3.0.3
Cybozu Garoon 3.1.0
Cybozu Garoon 3.1.1
Cybozu Garoon 3.1.2
Cybozu Garoon 3.7.3
Cybozu Garoon 4.0.0
Cybozu Garoon 4.0.3
Cybozu Garoon 3.0.0
Cybozu Garoon 3.0.2
Cybozu Garoon 3.1.3
Cybozu Garoon 3.5.1
Cybozu Garoon 3.7.1
Cybozu Garoon 3.0.1
Cybozu Garoon 3.5.0
Cybozu Garoon 3.5.2
Cybozu Garoon 3.7.0
Cybozu Garoon 3.7.2
6.5
CVSSv3
CVE-2016-1190
Cybozu Garoon 3.1 up to and including 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.
Cybozu Garoon 3.7.4
Cybozu Garoon 3.7.3
Cybozu Garoon 3.7.2
Cybozu Garoon 3.7.1
Cybozu Garoon 4.2.0
Cybozu Garoon 4.0.3
Cybozu Garoon 3.5.2
Cybozu Garoon 3.5.1
Cybozu Garoon 3.5.0
Cybozu Garoon 3.1.3
Cybozu Garoon 4.0.1
Cybozu Garoon 3.7.5
Cybozu Garoon 3.7.0
Cybozu Garoon 3.5.4
Cybozu Garoon 3.1.1
Cybozu Garoon 4.0.2
Cybozu Garoon 4.0.0
Cybozu Garoon 3.5.5
Cybozu Garoon 3.5.3
Cybozu Garoon 3.1.2
Cybozu Garoon 3.1.0
8.1
CVSSv3
CVE-2016-1189
Cybozu Garoon 3.x and 4.x prior to 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors.
Cybozu Garoon 3.5.5
Cybozu Garoon 3.5.4
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.2
Cybozu Garoon 4.0.1
Cybozu Garoon 4.0.0
Cybozu Garoon 3.7.5
Cybozu Garoon 3.7.4
Cybozu Garoon 3.1.1
Cybozu Garoon 3.1.0
Cybozu Garoon 4.2.0
Cybozu Garoon 4.0.2
Cybozu Garoon 3.7.3
Cybozu Garoon 3.7.1
Cybozu Garoon 3.5.0
Cybozu Garoon 3.1.2
Cybozu Garoon 4.0.3
Cybozu Garoon 3.7.2
Cybozu Garoon 3.7.0
Cybozu Garoon 3.5.1
Cybozu Garoon 3.1.3
NA
CVE-2014-1993
The Portlets subsystem in Cybozu Garoon 2.x and 3.x prior to 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
Cybozu Garoon 3.0.2
Cybozu Garoon 3.0.3
Cybozu Garoon 3.1.0
Cybozu Garoon 3.1.1
Cybozu Garoon 2.1.3
Cybozu Garoon 2.5.0
Cybozu Garoon 2.5.1
Cybozu Garoon 2.5.2
Cybozu Garoon 3.5.2
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.4
Cybozu Garoon 3.5.5
Cybozu Garoon 3.7
Cybozu Garoon 2.1.0
Cybozu Garoon 2.1.2
Cybozu Garoon 2.5.3
Cybozu Garoon 3.0.0
Cybozu Garoon 3.1.3
Cybozu Garoon 3.5.1
Cybozu Garoon 2.0.0
Cybozu Garoon 2.1.1
Cybozu Garoon 2.5.4
NA
CVE-2014-1994
Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x prior to 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 2.1.2
Cybozu Garoon 2.5.0
Cybozu Garoon 3.0.2
Cybozu Garoon 3.1.0
Cybozu Garoon 3.5.3
Cybozu Garoon 3.5.5
Cybozu Garoon 2.0.0
Cybozu Garoon 2.1.0
Cybozu Garoon 2.1.1
Cybozu Garoon 3.1.1
Cybozu Garoon 3.1.2
Cybozu Garoon 3.1.3
Cybozu Garoon 3.5.0
Cybozu Garoon 3.5.1
Cybozu Garoon 2.5.2
Cybozu Garoon 2.5.3
Cybozu Garoon 2.5.4
Cybozu Garoon 3.0.0
Cybozu Garoon 3.7
Cybozu Garoon 2.1.3
Cybozu Garoon 2.5.1
Cybozu Garoon 3.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »