Vulnerabilities in Cybozu, Inc.

200 results
Vexday analysis

Com 200 CVEs catalogadas e nenhuma presença no catálogo KEV da CISA, o perfil de exploração ativa da Cybozu, Inc. situa-se abaixo da média geral do catálogo, indicando baixa atratividade imediata para agentes de ameaça oportunistas. O tipo de falha mais recorrente é CWE-79 (Cross-Site Scripting), o que sugere atenção contínua à validação de entrada e sanitização de saída nas aplicações do vendor. A CVE de maior risco identificada atualmente é CVE-2020-5537, com pontuação EPSS de 0,0293, refletindo probabilidade ainda baixa de exploração em larga escala no curto prazo. A ausência de PoCs públicas e de novas vulnerabilidades nos últimos 90 dias reduz a pressão imediata de remediação, embora o monitoramento contínuo permaneça recomendável dado o volume acumulado de registros.

CVE-2021-20753Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrarEPSS 0.6%CVE-2022-26368Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authentiEPSS 0.6%CVE-2017-2146Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via applicEPSS 0.6%CVE-2022-32453HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the proEPSS 0.6%CVE-2018-16172Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 tEPSS 0.6%CVE-2021-20797Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to EPSS 0.6%CVE-2021-20798Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker tEPSS 0.6%CVE-2021-20799Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker tEPSS 0.6%CVE-2021-20800Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject EPSS 0.6%CVE-2021-20805Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker tEPSS 0.6%CVE-2022-28715Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrEPSS 0.5%CVE-2022-29487Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified EPSS 0.5%CVE-2022-30604Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrEPSS 0.5%CVE-2022-33151Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitraEPSS 0.5%CVE-2021-20795Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker toEPSS 0.5%CVE-2017-2255Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text"EPSS 0.5%CVE-2017-2256Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text"EPSS 0.5%CVE-2023-26595MEDIUMDenial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial oEPSS 0.5%CVE-2020-5585Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script vEPSS 0.5%CVE-2020-5586Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script EPSS 0.5%