Lotus Domino CVEs and Security Vulnerabilities

Filtered by vendor Ibm Subscriptions

Filtered by product Lotus Domino Subscriptions

Search

Switch to Advanced Search (Beta)

Total 106 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-7284	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8.
CVE-2008-7285	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25.
CVE-2013-4051	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4055.
CVE-2009-5058	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR.
CVE-2013-3032	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA.
CVE-2010-0920	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."
CVE-2011-0914	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.
CVE-2011-0919	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ.
CVE-2011-1520	1 Ibm	1 Lotus Domino	2025-04-11	N/A
The default configuration of the server console in IBM Lotus Domino does not require a password (aka Server_Console_Password), which allows physically proximate attackers to perform administrative changes or obtain sensitive information via a (1) Load, (2) Tell, or (3) Set Configuration command.
CVE-2011-3576	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf.
CVE-2013-5388	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F.
CVE-2013-0489	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators.
CVE-2013-0487	1 Ibm	1 Lotus Domino	2025-04-11	N/A
The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.
CVE-2013-0486	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.
CVE-2013-0488	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0590	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591.
CVE-2013-0595	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3.
CVE-2013-3027	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW.
CVE-2013-3990	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2.
CVE-2009-5062	1 Ibm	3 Aix, Lotus Domino, Lotus Quickr	2025-04-11	N/A
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9.

« first previous Page 2 of 6. next last »