Vendor CVEs
Lotus
All CVEs
63 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1161 | 0.00 | — | 0.04 | Jul 2, 2001 | Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script. | |||
| CVE-2001-0260 | 0.00 | — | 0.04 | Jun 2, 2001 | Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. | |||
| CVE-2001-0130 | 0.00 | — | 0.03 | Mar 12, 2001 | Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier. | |||
| CVE-1999-0729 | 0.00 | — | 0.02 | Mar 12, 2001 | Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request. | |||
| CVE-2001-1445 | 0.00 | — | 0.02 | Mar 1, 2001 | Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands. | |||
| CVE-2000-1138 | 0.00 | — | 0.01 | Jan 9, 2001 | Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. | |||
| CVE-2000-1117 | 0.00 | — | 0.03 | Jan 9, 2001 | The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method. | |||
| CVE-2000-1047 | 0.00 | — | 0.04 | Dec 11, 2000 | Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | |||
| CVE-2000-0022 | 0.00 | — | 0.01 | Dec 21, 1999 | Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. | |||
| CVE-2000-0023 | 0.00 | — | 0.01 | Dec 21, 1999 | Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL. | |||
| CVE-2000-0021 | 0.00 | — | 0.01 | Dec 1, 1999 | Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. | |||
| CVE-1999-1012 | 0.00 | — | 0.01 | May 4, 1999 | SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string. | |||
| CVE-1999-1275 | 0.00 | — | 0.00 | Sep 8, 1997 | Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. |
- CVE-2001-1161Jul 2, 2001risk 0.00cvss —epss 0.04
Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.
- CVE-2001-0260Jun 2, 2001risk 0.00cvss —epss 0.04
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
- CVE-2001-0130Mar 12, 2001risk 0.00cvss —epss 0.03
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
- CVE-1999-0729Mar 12, 2001risk 0.00cvss —epss 0.02
Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.
- CVE-2001-1445Mar 1, 2001risk 0.00cvss —epss 0.02
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
- CVE-2000-1138Jan 9, 2001risk 0.00cvss —epss 0.01
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.
- CVE-2000-1117Jan 9, 2001risk 0.00cvss —epss 0.03
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
- CVE-2000-1047Dec 11, 2000risk 0.00cvss —epss 0.04
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
- CVE-2000-0022Dec 21, 1999risk 0.00cvss —epss 0.01
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
- CVE-2000-0023Dec 21, 1999risk 0.00cvss —epss 0.01
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
- CVE-2000-0021Dec 1, 1999risk 0.00cvss —epss 0.01
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
- CVE-1999-1012May 4, 1999risk 0.00cvss —epss 0.01
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
- CVE-1999-1275Sep 8, 1997risk 0.00cvss —epss 0.00
Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges.
Page 2 of 2