Vulnerabilidades em Cybozu, Inc.
200 resultadosAnálise Vexday
Com 200 CVEs catalogadas e nenhuma presença no catálogo KEV da CISA, o perfil de exploração ativa da Cybozu, Inc. situa-se abaixo da média geral do catálogo, indicando baixa atratividade imediata para agentes de ameaça oportunistas. O tipo de falha mais recorrente é CWE-79 (Cross-Site Scripting), o que sugere atenção contínua à validação de entrada e sanitização de saída nas aplicações do vendor. A CVE de maior risco identificada atualmente é CVE-2020-5537, com pontuação EPSS de 0,0293, refletindo probabilidade ainda baixa de exploração em larga escala no curto prazo. A ausência de PoCs públicas e de novas vulnerabilidades nos últimos 90 dias reduz a pressão imediata de remediação, embora o monitoramento contínuo permaneça recomendável dado o volume acumulado de registros.
CVE-2023-27304—Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker toEPSS 0.5%CVE-2023-27384—Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data oEPSS 0.5%CVE-2024-31401CRITICALCross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege EPSS 0.5%CVE-2021-20758—Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack EPSS 0.5%CVE-2022-29513—Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote authenticated attacker with an administratiEPSS 0.5%CVE-2024-31397MEDIUMImproper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in tEPSS 0.5%CVE-2016-7815—Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on theEPSS 0.4%CVE-2024-39817MEDIUMInsertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to thEPSS 0.4%CVE-2026-22888MEDIUMImproper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, poteEPSS 0.4%CVE-2024-31399MEDIUMExcessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, proEPSS 0.4%CVE-2020-5573—Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspEPSS 0.3%CVE-2020-5572—Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecifEPSS 0.3%CVE-2024-31398MEDIUMInsertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user EPSS 0.3%CVE-2024-31402MEDIUMIncorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared TEPSS 0.3%CVE-2024-31404MEDIUMInsertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to theEPSS 0.3%CVE-2024-31403MEDIUMIncorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the dataEPSS 0.3%CVE-2024-31400MEDIUMInsertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintenEPSS 0.3%CVE-2024-39457MEDIUMCybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary EPSS 0.2%CVE-2026-20711MEDIUMCross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitraryEPSS 0.2%CVE-2026-22881MEDIUMCross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitraEPSS 0.2%