Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm lotus domino 6.0 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-2240
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino prior to 7.0.3 FP1, and 8.x prior to 8.0.1, allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
Ibm Lotus Domino 7.0
Ibm Lotus Domino 8.0
Ibm Lotus Domino 8.0.1
1 EDB exploit
435
VMScore
CVE-2004-1621
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote malicious users to execute arbitrary web script or HTML via square brackets at the beginning and end of (1)...
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.3
1 EDB exploit
445
VMScore
CVE-2005-1441
Format string vulnerability in Lotus Domino 6.0.x prior to 6.0.5 and 6.5.x prior to 6.5.4 allows remote malicious users to cause a denial of service via the Notes protocol (NRPC).
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
641
VMScore
CVE-2006-5818
Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x prior to 6.5.5 FP2 and 7.x prior to 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 6.5
Ibm Lotus Domino 6.5.5
Ibm Lotus Domino 7.0
510
VMScore
CVE-2005-2428
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote malicious users to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTP...
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
2 EDB exploits
1 Github repository
694
VMScore
CVE-2005-2712
The LDAP server (nldap.exe) in IBM Lotus Domino prior to 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote malicious users to cause a denial of service (crash) via a long bind request, which triggers a null dereference.
Ibm Lotus Domino 6.0.2.1
Ibm Lotus Domino 6.0.2.2
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.5.3.1
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 7.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 6.5
Ibm Lotus Domino 6.0.1.2
Ibm Lotus Domino 6.0.1.3
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.5.2.1
383
VMScore
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 up to and including 8.0, enables the HTTP TRACE method, which makes it easier for remote malicious users to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a r...
Ibm Lotus Domino Server 6.0
Ibm Lotus Domino Server 8.0
Ibm Lotus Domino Server 7.0
Ibm Lotus Domino Server 6.5
715
VMScore
CVE-2007-0977
IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
1 EDB exploit
1 Github repository
890
VMScore
CVE-2011-0915
Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino prior to 8.5.3 allows remote malicious users to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23.
Ibm Lotus Domino 5.0.9
Ibm Lotus Domino 6.0.1.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 4.6.3
Ibm Lotus Domino 4.6.4
Ibm Lotus Domino 5.0.4
Ibm Lotus Domino 5.0.4a
Ibm Lotus Domino 6.5.2.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.4.1
Ibm Lotus Domino 4.6.1
Ibm Lotus Domino 7.0.2.1
Ibm Lotus Domino 7.0.2.2
Ibm Lotus Domino 8.0.2
Ibm Lotus Domino 8.0.2.1
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 5.0.9a
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 6.0.3
890
VMScore
CVE-2011-0913
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino prior to 8.5.3 allows remote malicious users to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.
Ibm Lotus Domino 5.0.9
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 4.6.3
Ibm Lotus Domino 4.6.4
Ibm Lotus Domino 5.0.4
Ibm Lotus Domino 5.0.4a
Ibm Lotus Domino 6.5.2.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.4.1
Ibm Lotus Domino 4.6.1
Ibm Lotus Domino 7.0.2.1
Ibm Lotus Domino 7.0.2.2
Ibm Lotus Domino 7.0.2.3
Ibm Lotus Domino 8.0.2
Ibm Lotus Domino 8.0.2.1
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 5.0.9a
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »