Lotus Domino CVEs and Security Vulnerabilities

Filtered by vendor Ibm Subscriptions

Filtered by product Lotus Domino Subscriptions

Search

Switch to Advanced Search (Beta)

Total 106 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2010-0918	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors.
CVE-2011-3575	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf.
CVE-2009-5060	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX.
CVE-2011-0917	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX.
CVE-2014-0822	1 Ibm	1 Lotus Domino	2025-04-11	N/A
The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x before 9.0.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, aka SPR KLYH9F4S2Z.
CVE-2011-1505	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2.
CVE-2012-3302	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server.
CVE-2011-0920	1 Ibm	1 Lotus Domino	2025-04-11	N/A
The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.
CVE-2008-7284	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8.
CVE-2008-7286	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX.
CVE-2012-3301	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers.
CVE-2008-7285	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25.
CVE-2013-4068	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8.
CVE-2010-0921	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."
CVE-2013-0486	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.
CVE-2013-0487	1 Ibm	1 Lotus Domino	2025-04-11	N/A
The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.
CVE-2013-0488	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0927	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920.
CVE-2013-0590	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591.
CVE-2013-4064	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA.

« first previous Page 4 of 6. next last »