U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:cybozu:dezie:8.0.3
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity
CVE-2018-0705

Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests.

Published: January 09, 2019; 6:29:02 PM -0500
V3.0: 9.1 CRITICAL
V2.0: 7.5 HIGH
CVE-2016-7833

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

Published: June 09, 2017; 12:29:01 PM -0400
V3.0: 7.5 HIGH
V2.0: 6.4 MEDIUM
CVE-2016-7832

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.

Published: June 09, 2017; 12:29:01 PM -0400
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2014-5314

Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.

Published: November 23, 2014; 9:59:00 PM -0500
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2013-6005

Cross-site scripting (XSS) vulnerability in Cybozu Dezie before 8.1.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Cancel button.

Published: December 13, 2013; 1:07:51 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM