Cybozu Office 10.4.0
Approved changes feed: RSS · Atom
cpe:2.3:a:cybozu:office:10.4.0:*:*:*:*:*:*:*
part: a version: 10.4.0 update: *
| Vendor | Cybozu (6c3c6c19-80d3-5353-ad46-e08ec1369448) |
|---|---|
| Product | Office (3e47509a-1a03-5002-929e-9c2c66c074a0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-2116 |
vulnerable | 2026-06-03 14:37:06.691245 |
Details available
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors.
Published: 2017-04-28T16:00:00.000Z
Updated: 2024-08-05T13:39:32.279Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2115 |
vulnerable | 2026-06-03 14:37:06.690660 |
Details available
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.
Published: 2017-04-28T16:00:00.000Z
Updated: 2024-08-05T13:39:32.370Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2114 |
vulnerable | 2026-06-03 14:37:06.687599 |
Details available
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2017-04-28T16:00:00.000Z
Updated: 2024-08-05T13:39:32.252Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-10857 |
vulnerable | 2026-06-03 14:36:27.246166 |
Details available
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.
Published: 2017-10-12T14:00:00.000Z
Updated: 2024-08-05T17:50:12.589Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4874 |
vulnerable | 2026-06-03 14:35:53.648694 |
Details available
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download" attack.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.544Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4873 |
vulnerable | 2026-06-03 14:35:53.648059 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.532Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4872 |
vulnerable | 2026-06-03 14:35:53.647413 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restrictions to view the names of unauthorized projects via a breadcrumb trail.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4871 |
vulnerable | 2026-06-03 14:35:53.646683 |
Details available
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:39.435Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4870 |
vulnerable | 2026-06-03 14:35:53.646045 |
Details available
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:39.227Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4869 |
vulnerable | 2026-06-03 14:35:53.645402 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session information via a page where CGI environment variables are displayed.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.556Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4868 |
vulnerable | 2026-06-03 14:35:53.644730 |
Details available
Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.547Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4867 |
vulnerable | 2026-06-03 14:35:53.643965 |
Details available
Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.555Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4866 |
vulnerable | 2026-06-03 14:35:53.643283 |
Details available
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.521Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4865 |
vulnerable | 2026-06-03 14:35:53.642494 |
Details available
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function.
Published: 2017-04-17T15:00:00.000Z
Updated: 2024-08-06T00:46:38.546Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.