Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lotus notes vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2004-1621
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote malicious users to execute arbitrary web script or HTML via square brackets at the beginning and end of (1)...
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.3
1 EDB exploit
409
VMScore
CVE-2005-2454
IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.
Ibm Lotus Notes 6.5.4
Ibm Lotus Notes 6.5.5
Ibm Lotus Notes 7.0.0
Ibm Lotus Notes 7.0.1
409
VMScore
CVE-2005-1442
Buffer overflow in the Lotus Notes client for Domino 6.5 prior to 6.5.4 and 6.0 prior to 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.
Ibm Lotus Notes 6.5.1
Ibm Lotus Notes 6.5.2
Ibm Lotus Notes 6.0.2
Ibm Lotus Notes 6.0.3
Ibm Lotus Notes 6.0
Ibm Lotus Notes 6.0.1
Ibm Lotus Notes 6.5.3
Ibm Lotus Notes 6.0.4
Ibm Lotus Notes 6.5
409
VMScore
CVE-2004-0029
Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges.
Ibm Lotus Domino 6.0.2
383
VMScore
CVE-2013-0538
Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x prior to 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote malicious users to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49.
Ibm Lotus Notes 8.5.3
Ibm Lotus Notes 8.5.2.3
Ibm Lotus Notes 8.5
Ibm Lotus Notes 8.0.2.2
Ibm Lotus Notes 8.0.2.3
Ibm Lotus Notes 8.5.1.3
Ibm Lotus Notes 8.5.1.4
Ibm Lotus Notes 8.0.2.1
Ibm Lotus Notes 8.5.2.2
Ibm Lotus Notes 8.0.1
Ibm Lotus Notes 8.0.2.4
Ibm Lotus Notes 8.5.0.0
Ibm Lotus Notes 8.5.0.1
Ibm Lotus Notes 8.5.2.1
Ibm Lotus Notes 8.5.3.2
Ibm Lotus Notes 8.0.2
Ibm Lotus Notes 8.0
Ibm Lotus Notes 8.0.2.5
Ibm Lotus Notes 8.0.0
Ibm Lotus Notes 8.0.2.6
Ibm Lotus Notes 8.5.1.5
Ibm Lotus Notes 8.5.3.3
383
VMScore
CVE-2012-4846
IBM Lotus Notes 8.5.x prior to 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and ...
Ibm Lotus Notes 8.5.1.5
Ibm Lotus Notes 8.5.1.3
Ibm Lotus Notes 8.5.3.1
Ibm Lotus Notes 8.5.3.2
Ibm Lotus Notes 8.5.1.0
Ibm Lotus Notes 8.5.1.2
Ibm Lotus Notes 8.5.2.3
Ibm Lotus Notes 8.5.2.0
Ibm Lotus Notes 8.5.0.0
Ibm Lotus Notes 8.5.0.1
Ibm Lotus Notes 8.5.1.4
Ibm Lotus Notes 8.5.2.2
Ibm Lotus Notes 8.5.1
Ibm Lotus Notes 8.5.1.1
Ibm Lotus Notes 8.5.2.1
Ibm Lotus Notes 8.5.3
383
VMScore
CVE-2012-4825
Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler prior to 8.5.3.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getClientConfigFile action.
Ibm Lotus Notes Traveler
Ibm Lotus Notes Traveler 8.5.2.1
Ibm Lotus Notes Traveler 8.5.1.2
Ibm Lotus Notes Traveler 8.5.1.1
Ibm Lotus Notes Traveler 8.5.0.2
Ibm Lotus Notes Traveler 8.5.0.1
Ibm Lotus Notes Traveler 8.5.0.0
Ibm Lotus Notes Traveler 8.5.3
Ibm Lotus Notes Traveler 8.5.1.3
383
VMScore
CVE-2010-4544
Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus Notes Traveler prior to 8.5.1.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Notes Traveler 8.5.1.1
Ibm Lotus Notes Traveler 8.5.0.2
Ibm Lotus Notes Traveler 8.0.1.3
Ibm Lotus Notes Traveler 8.0.1.2
Ibm Lotus Notes Traveler
Ibm Lotus Notes Traveler 8.0.1
Ibm Lotus Notes Traveler 8.0
Ibm Lotus Notes Traveler 8.5.0.1
Ibm Lotus Notes Traveler 8.5.0.0
383
VMScore
CVE-2009-5035
The Nokia client in IBM Lotus Notes Traveler prior to 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote malicious users to read communications intended for other recipients by examining appended messages.
Ibm Lotus Notes Traveler
Ibm Lotus Notes Traveler 8.5.0.0
Ibm Lotus Notes Traveler 8.0.1.3
Ibm Lotus Notes Traveler 8.0.1.2
Ibm Lotus Notes Traveler 8.0
Ibm Lotus Notes Traveler 8.0.1
383
VMScore
CVE-2008-0862
IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote malicious users to bypass Execution Control List (ECL) protection.
Ibm Lotus Notes 6.0
Ibm Lotus Notes 6.5
Ibm Lotus Notes 7.0
Ibm Lotus Notes 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »