Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm lotus domino vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2008-0243
Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows malicious users to cause a denial of service via unknown vectors.
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.1
7.8
CVSSv2
CVE-2007-1739
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino prior to 6.5.6 and 7.x prior to 7.0.2 FP1 allows remote malicious users to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in ...
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.1
5
CVSSv2
CVE-2005-2428
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote malicious users to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTP...
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
2 EDB exploits
1 Github repository
9.3
CVSSv2
CVE-2007-0068
IBM Lotus Domino 7.0.x prior to 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.1
Ibm Lotus Domino 7.0.2
4.3
CVSSv2
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 up to and including 8.0, enables the HTTP TRACE method, which makes it easier for remote malicious users to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a r...
Ibm Lotus Domino Server 6.0
Ibm Lotus Domino Server 8.0
Ibm Lotus Domino Server 7.0
Ibm Lotus Domino Server 6.5
4.3
CVSSv2
CVE-2008-2410
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino prior to 7.0.3 FP1, and 8.x prior to 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Domino Web Server 7.0
Ibm Lotus Domino Web Server 7.0.3
Ibm Lotus Domino Web Server
Ibm Lotus Domino Web Server 7.0.1
Ibm Lotus Domino Web Server 7.0.2
7.5
CVSSv2
CVE-2002-0037
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows malicious users to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object.
Ibm Lotus Domino Server 4.6
Ibm Lotus Domino Server 4.5
Ibm Lotus Domino Server 5
4.3
CVSSv2
CVE-2014-0913
Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE.
Ibm Lotus Domino 8.5.3.6
Ibm Lotus Inotes 9.0.1.0
Ibm Lotus Domino 9.0.1.0
Ibm Lotus Inotes 8.5.3.6
4.3
CVSSv2
CVE-2013-5388
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F.
Ibm Lotus Domino 9.0.0.0
Ibm Lotus Domino 8.5.3.0
4.3
CVSSv2
CVE-2013-5389
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X.
Ibm Lotus Domino 8.5.3.0
Ibm Lotus Domino 9.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »