|
249651
|
6.5 |
MEDIUM
Network
|
hatena
|
hatena_bookmark
|
Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display.
|
CWE-20
Improper Input Validation
|
CVE-2018-0560
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249652
|
5.4 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0551
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249653
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-0550
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249654
|
5.4 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0549
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249655
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-0548
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249656
|
4.9 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of session authentication via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-0533
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249657
|
2.7 |
LOW
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0532
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249658
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-0531
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249659
|
8.8 |
HIGH
Network
|
cybozu
|
garoon
|
SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2018-0530
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249660
|
8.8 |
HIGH
Adjacent
|
buffalo
|
wzr-1750dhp2_firmware
|
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2018-0556
|
2024-11-21 12:38 |
2018-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
