Filtered by vendor Ibm
Subscriptions
Filtered by product Lotus Domino
Subscriptions
Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0913 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache. | ||||
| CVE-2013-0486 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY. | ||||
| CVE-2013-0487 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. | ||||
| CVE-2013-0488 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3302 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server. | ||||
| CVE-2012-4820 | 3 Ibm, Redhat, Tivoli Storage Productivity Center | 18 Java, Lotus Domino, Lotus Notes and 15 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method." | ||||
| CVE-2012-4822 | 3 Ibm, Redhat, Tivoli Storage Productivity Center | 18 Java, Lotus Domino, Lotus Notes and 15 more | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class." | ||||
| CVE-2013-0591 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590. | ||||
| CVE-2013-3032 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA. | ||||
| CVE-2013-4068 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2025-04-11 | N/A |
| Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. | ||||
| CVE-2010-0927 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920. | ||||
| CVE-2008-7284 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8. | ||||
| CVE-2008-7285 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25. | ||||
| CVE-2008-7286 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX. | ||||
| CVE-2011-0917 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX. | ||||
| CVE-2009-5058 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR. | ||||
| CVE-2009-5061 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N. | ||||
| CVE-2009-5062 | 1 Ibm | 3 Aix, Lotus Domino, Lotus Quickr | 2025-04-11 | N/A |
| IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9. | ||||
| CVE-2010-0358 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service (daemon exit) and possibly have unspecified other impact via a long string in a crafted LDAP message to a TCP port, a different vulnerability than CVE-2009-3087. | ||||
| CVE-2010-0918 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors. | ||||