Cybozu Office 10.2.0
Approved changes feed: RSS · Atom
cpe:2.3:a:cybozu:office:10.2.0:*:*:*:*:*:*:*
part: a version: 10.2.0 update: *
| Vendor | Cybozu (6c3c6c19-80d3-5353-ad46-e08ec1369448) |
|---|---|
| Product | Office (3e47509a-1a03-5002-929e-9c2c66c074a0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-2116 |
vulnerable | 2026-06-03 14:37:06.691212 |
Details available
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors.
Published: 2017-04-28T16:00:00.000Z
Updated: 2024-08-05T13:39:32.279Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2115 |
vulnerable | 2026-06-03 14:37:06.690622 |
Details available
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.
Published: 2017-04-28T16:00:00.000Z
Updated: 2024-08-05T13:39:32.370Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2114 |
vulnerable | 2026-06-03 14:37:06.686555 |
Details available
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-04-28T16:00:00.000Z
Updated: 2024-08-05T13:39:32.252Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-10857 |
vulnerable | 2026-06-03 14:36:27.245157 |
Details available
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.
Published: 2017-10-12T14:00:00.000Z
Updated: 2024-08-05T17:50:12.589Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4874 |
vulnerable | 2026-06-03 14:35:53.648663 |
Details available
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.544Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4873 |
vulnerable | 2026-06-03 14:35:53.648028 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.532Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4872 |
vulnerable | 2026-06-03 14:35:53.647380 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restrictions to view the names of unauthorized projects via a breadcrumb trail.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4871 |
vulnerable | 2026-06-03 14:35:53.646651 |
Details available
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:39.435Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4870 |
vulnerable | 2026-06-03 14:35:53.646014 |
Details available
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:39.227Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4869 |
vulnerable | 2026-06-03 14:35:53.645370 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session information via a page where CGI environment variables are displayed.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.556Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4868 |
vulnerable | 2026-06-03 14:35:53.644697 |
Details available
Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.547Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4867 |
vulnerable | 2026-06-03 14:35:53.643933 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.555Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4866 |
vulnerable | 2026-06-03 14:35:53.643250 |
Details available
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.521Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4865 |
vulnerable | 2026-06-03 14:35:53.641183 |
Details available
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1152 |
vulnerable | 2026-06-03 14:35:30.760994 |
Details available
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions, and read or write to plan data, via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2015-8486.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-05T22:48:13.336Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1151 |
vulnerable | 2026-06-03 14:35:30.760535 |
Details available
Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-05T22:48:13.498Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1150 |
vulnerable | 2026-06-03 14:35:30.760039 |
Details available
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1149.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-05T22:48:13.005Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1149 |
vulnerable | 2026-06-03 14:35:30.758794 |
Details available
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-05T22:48:12.977Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8489 |
vulnerable | 2026-06-03 14:35:12.077880 |
Details available
customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-2016-1153.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T08:20:42.463Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8487 |
vulnerable | 2026-06-03 14:35:12.077007 |
Details available
Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified vectors, a different vulnerability than CVE-2015-8488.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T08:20:42.428Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8486 |
vulnerable | 2026-06-03 14:35:12.076420 |
Details available
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T08:20:42.523Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8485 |
vulnerable | 2026-06-03 14:35:12.075963 |
Details available
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T08:20:42.516Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8484 |
vulnerable | 2026-06-03 14:35:12.075502 |
Details available
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T08:20:41.753Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8483 |
vulnerable | 2026-06-03 14:35:12.075011 |
Details available
Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T08:20:42.424Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-7798 |
vulnerable | 2026-06-03 14:35:09.950127 |
Details available
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T07:58:59.914Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-7797 |
vulnerable | 2026-06-03 14:35:09.949470 |
Details available
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T07:58:59.893Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-7796 |
vulnerable | 2026-06-03 14:35:09.948805 |
Details available
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T07:59:00.384Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-7795 |
vulnerable | 2026-06-03 14:35:09.947568 |
Details available
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
Published: 2016-02-17T02:00:00.000Z
Updated: 2024-08-06T07:58:59.980Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.