VYPR

Vendor CVEs

Lotus

All CVEs

63 total · sorted by risk
  • CVE-2001-1161Jul 2, 2001
    risk 0.00cvss epss 0.04

    Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.

  • CVE-2001-0260Jun 2, 2001
    risk 0.00cvss epss 0.04

    Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.

  • CVE-2001-0130Mar 12, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.

  • CVE-1999-0729Mar 12, 2001
    risk 0.00cvss epss 0.02

    Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.

  • CVE-2001-1445Mar 1, 2001
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.

  • CVE-2000-1138Jan 9, 2001
    risk 0.00cvss epss 0.01

    Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.

  • CVE-2000-1117Jan 9, 2001
    risk 0.00cvss epss 0.03

    The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.

  • CVE-2000-1047Dec 11, 2000
    risk 0.00cvss epss 0.04

    Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.

  • CVE-2000-0022Dec 21, 1999
    risk 0.00cvss epss 0.01

    Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.

  • CVE-2000-0023Dec 21, 1999
    risk 0.00cvss epss 0.01

    Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.

  • CVE-2000-0021Dec 1, 1999
    risk 0.00cvss epss 0.01

    Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.

  • CVE-1999-1012May 4, 1999
    risk 0.00cvss epss 0.01

    SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.

  • CVE-1999-1275Sep 8, 1997
    risk 0.00cvss epss 0.00

    Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges.

Page 2 of 2