Office CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (70 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-0565	1 Cybozu	1 Office	2024-11-21	N/A
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0529	1 Cybozu	1 Office	2024-11-21	N/A
Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2018-0528	1 Cybozu	1 Office	2024-11-21	N/A
Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors.
CVE-2018-0527	1 Cybozu	1 Office	2024-11-21	N/A
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0526	1 Cybozu	1 Office	2024-11-21	N/A
Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors.
CVE-2011-2677	1 Cybozu	1 Office	2024-08-06	N/A
Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL.
CVE-2011-1333	1 Cybozu	2 Garoon, Office	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."
CVE-2011-1335	1 Cybozu	1 Office	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions."
CVE-2011-1334	1 Cybozu	5 Collaborex, Dezie, Garoon and 2 more	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system."
CVE-2013-4703	1 Cybozu	1 Office	2024-08-06	N/A
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

« first previous Page 4 of 4.