U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:cybozu:garoon:5.9.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 7 matching records.
Displaying matches 1 through 7.
Vuln ID Summary CVSS Severity
CVE-2023-27304

Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.

Published: May 22, 2023; 10:15:09 PM -0400 		V3.1: 4.3 MEDIUM
 V2.0:(not available)
CVE-2023-26595

Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.

Published: May 22, 2023; 10:15:09 PM -0400 		V3.1: 6.5 MEDIUM
 V2.0:(not available)
CVE-2022-30943

Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.

Published: July 10, 2022; 9:15:07 PM -0400 		V3.1: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2022-30602

Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.

Published: July 10, 2022; 9:15:07 PM -0400 		V3.1: 8.1 HIGH
 V2.0: 5.5 MEDIUM
CVE-2022-29512

Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.

Published: July 10, 2022; 9:15:07 PM -0400 		V3.1: 6.5 MEDIUM
 V2.0: 4.0 MEDIUM
CVE-2022-29484

Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space.

Published: July 04, 2022; 3:15:08 AM -0400 		V3.1: 8.1 HIGH
 V2.0: 5.5 MEDIUM
CVE-2022-29471

Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.

Published: July 04, 2022; 3:15:08 AM -0400 		V3.1: 4.3 MEDIUM
 V2.0: 4.0 MEDIUM