VYPR

Lotus Domino

by IBM

CVEs (132)

  • CVE-2013-4050Nov 8, 2013
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2013-5389Oct 22, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X.

  • CVE-2013-5388Oct 22, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F.

  • CVE-2013-4068Sep 20, 2013
    risk 0.00cvss epss 0.04

    Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8.

  • CVE-2013-0595Aug 27, 2013
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3.

  • CVE-2013-0591Aug 27, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590.

  • CVE-2013-0590Aug 27, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591.

  • CVE-2013-3990Aug 9, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2.

  • CVE-2013-3032Aug 9, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA.

  • CVE-2013-3027Aug 9, 2013
    risk 0.00cvss epss 0.03

    Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW.

  • CVE-2013-0489Mar 27, 2013
    risk 0.00cvss epss 0.00

    Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators.

  • CVE-2013-0488Mar 27, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-0487Mar 27, 2013
    risk 0.00cvss epss 0.02

    The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.

  • CVE-2013-0486Mar 27, 2013
    risk 0.00cvss epss 0.01

    Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.

  • CVE-2012-4844Feb 27, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-4842Feb 27, 2013
    risk 0.00cvss epss 0.01

    Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2012-4820Jan 11, 2013
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart…

  • CVE-2012-3302Aug 21, 2012
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help…

  • CVE-2012-3301Aug 21, 2012
    risk 0.00cvss epss 0.01

    Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2)…

  • CVE-2011-1393Dec 27, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the authentication functionality in the server in IBM Lotus Domino 8.x before 8.5.2 FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Notes RPC packet.

Page 4 of 7