Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
domino vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2001-0130
Buffer overflow in HTML parser of the Lotus R5 Domino Server prior to 5.06, and Domino Client prior to 5.05, allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
Lotus Domino R5 Client 5.05
Lotus Domino R5 Client 5.04
Lotus Domino R5 Server 5.06
Lotus Domino R5 Server 5.05
Lotus Domino R5 Server 5.04
4.3
CVSSv2
CVE-2020-4127
HCL Domino is susceptible to a Login CSRF vulnerability. With a valid credential, an attacker could trick a user into accessing a system under another ID or use an intranet user's system to access internal systems from the internet. Fixes are available in HCL Domino versions...
Hcltech Hcl Domino
Hcltech Hcl Domino 9.0.1
Hcltech Hcl Domino 10.0.1
5
CVSSv2
CVE-2020-4129
HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the LDAP service. Fixes are available in HCL Domino versions 9.0.1 FP10 IF6, 10.0.1 FP6 and 11.0....
Hcltech Hcl Domino
Hcltech Hcl Domino 9.0.1
Hcltech Hcl Domino 10.0.1
4.3
CVSSv2
CVE-2007-5924
Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino prior to 6.5.6 FP2, and 7.x prior to 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino
9.3
CVSSv2
CVE-2007-0068
IBM Lotus Domino 7.0.x prior to 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0.1
7.8
CVSSv2
CVE-2007-1739
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino prior to 6.5.6 and 7.x prior to 7.0.2 FP1 allows remote malicious users to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in ...
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0.1
7.8
CVSSv2
CVE-2008-0243
Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows malicious users to cause a denial of service via unknown vectors.
Ibm Lotus Domino 7.0
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0.1
5
CVSSv2
CVE-2005-2428
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote malicious users to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTP...
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
Ibm Lotus Domino 5.0
2 EDB exploits
1 Github repository
4.3
CVSSv2
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 up to and including 8.0, enables the HTTP TRACE method, which makes it easier for remote malicious users to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a r...
Ibm Lotus Domino Server 7.0
Ibm Lotus Domino Server 6.0
Ibm Lotus Domino Server 6.5
Ibm Lotus Domino Server 8.0
NA
CVE-2022-27546
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim...
Hcltech Hcl Inotes 11.0.1
Hcltech Hcl Inotes 10.0.1
Hcltech Hcl Inotes 9.0.1
Hcltech Hcl Inotes 10.0
Hcltech Hcl Inotes 11.0
Hcltech Hcl Inotes 12.0
Hcltech Hcl Inotes 12.0.1
Hcltech Domino 10.0.1
Hcltech Domino 9.0.1
Hcltech Domino 11.0
Hcltech Domino 11.0.1
Hcltech Domino 9.0
Hcltech Domino 10.0
Hcltech Domino 12.0
Hcltech Domino 12.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »