Export limit exceeded: 364491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364491 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5977 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.3 Medium |
| Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated attackers to alter mail header via the application 'E-Mail'. | ||||
| CVE-2019-5976 | 1 Cybozu | 1 Garoon | 2024-11-21 | 4.9 Medium |
| Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative rights to cause a denial of service condition via unspecified vectors. | ||||
| CVE-2019-5975 | 1 Cybozu | 1 Garoon | 2024-11-21 | 5.4 Medium |
| DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5974 | 1 Contest-gallery | 1 Contest Gallery | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2019-5973 | 1 Sukimalab | 1 Online Lesson Booking | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Online Lesson Booking 0.8.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2019-5972 | 1 Sukimalab | 1 Online Lesson Booking | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in Online Lesson Booking 0.8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5971 | 1 Sukimalab | 1 Attendance Manager | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2019-5970 | 1 Sukimalab | 1 Attendance Manager | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5969 | 1 Weseek | 1 Growi | 2024-11-21 | N/A |
| Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote attackersto redirect users to arbitrary web sites and conduct phishing attacks via the process of login. | ||||
| CVE-2019-5968 | 1 Weseek | 1 Growi | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in GROWI v3.4.6 and earlier allows remote attackers to hijack the authentication of administrators via updating user's 'Basic Info'. | ||||
| CVE-2019-5967 | 1 Joruri | 1 Joruri Cms 2017 | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5966 | 1 Joruri | 1 Joruri Mail | 2024-11-21 | N/A |
| Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors. | ||||
| CVE-2019-5965 | 1 Joruri | 1 Joruri Mail | 2024-11-21 | N/A |
| Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2019-5964 | 1 Idoors | 1 Idoors Reader | 2024-11-21 | N/A |
| iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors. | ||||
| CVE-2019-5963 | 1 Zoho | 1 Salesiq | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2019-5962 | 1 Zoho | 1 Salesiq | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2019-5961 | 1 Mastodon-tootdon | 1 Tootdon For Mastodon | 2024-11-21 | N/A |
| The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2019-5960 | 1 Custom4web | 1 Wp Open Graph | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in WP Open Graph 1.6.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2019-5958 | 1 Soumu | 1 Electronic Reception And Examination Of Application For Radio Licenses | 2024-11-21 | N/A |
| Untrusted search path vulnerability in Electronic reception and examination of application for radio licenses Offline 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2019-5957 | 1 Soumu | 1 Electronic Reception And Examination Of Application For Radio Licenses | 2024-11-21 | N/A |
| Untrusted search path vulnerability in Installer of Electronic reception and examination of application for radio licenses Online 1.0.9.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||