CVE-2019-15576

An information disclosure vulnerability exists in GitLab CE/EE...

CVE-2017-1000459

Leanote version = 2.5 is vulnerable to XSS due to not sanitized input in markdown notes...

CVE-2012-6349

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W...

CVE-2019-8537

An access issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to view a user’s locked notes...

CVE-2010-4550

IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cause a denial of service sync failure via a malformed document...

CVE-2010-4545

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service resource consumption and sync outage by syncing a large volume of data...

CVE-2010-4552

Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote attackers to cause a denial of service memory consumption and daemon outage by sending many embedded objects in e-mail messages for iPhone clients...

CVE-2012-4825

Multiple cross-site scripting XSS vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 userId or 2 address parameter in a getClientConfigFile action...

CVE-2012-4824

Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Traveler 8.5.3 before 8.5.3.3 Interim Fix 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirectURL parameter...

CVE-2010-5251

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse 1 nnoteswc.dll or 2 nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of this...

CVE-2012-3998

Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the 1 paste id in admin/modules/modpastes.php or 2 show.php, 3 user id to admin/modules/modusers.php, 4 project to list.php, or 5 session id to show.php...

CVE-2012-5307

Cross-site scripting XSS vulnerability in servlet/traveler in IBM Lotus Notes Traveler before 8.5.3.3 Interim Fix 1, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via the redirectURL parameter, a different vulnerability than CVE-2012-4824 and CVE-2012-4825...

CVE-2010-4551

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash by omitting the Internet ID field in the person document, and then using an Apple device to 1 accept or 2 decline an invitation...

CVE-2010-4548

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service daemon crash by accepting a meeting invitation with an iNotes client and then accepting this meeting invitation with an iPhone client...

CVE-2009-5036

traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows remote authenticated users to cause a denial of service daemon crash via a malformed invitation document in a sync operation...

CVE-2009-0306

Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion RIM BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web page. NOTE: some of these details are obtained...

CVE-2009-5035

The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages...

CVE-1999-0429

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference...

CVE-2025-48239

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce product-notes-for-woocommerce allows Stored XSS.This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/...

CVE-2025-22157

This High severity PrivEsc Privilege Escalation vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server 5.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server This PrivEsc Privilege Escalation vulnerability, wi...