Skip to main content

Kunai

6 CVEs product

Monthly

CVE-2024-23304 HIGH This Week

Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Kunai
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2017-2172 MEDIUM This Month

Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Google Kunai
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-2109 LOW Monitor

Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application. Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

Google Information Disclosure Kunai
NVD
CVSS 3.0
2.5
EPSS
0.3%
CVE-2016-1187 MEDIUM This Month

Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Kunai
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2012-4012 MEDIUM This Month

The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Google Kunai
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4011 CRITICAL Act Now

The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Google Java Kunai
NVD
CVSS 2.0
9.3
EPSS
2.1%
EPSS 1% CVSS 7.5
HIGH This Week

Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Kunai
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Google Kunai
NVD
EPSS 0% CVSS 2.5
LOW Monitor

Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application. Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

Google Information Disclosure Kunai
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Kunai
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Google Kunai
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Google Java +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy