Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
HcltechDomino

9 matches found

CVE
CVEadded 2022/11/04 9:15 p.m.58 views

CVE-2022-38654

HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

5.5CVSS5AI score0.00075EPSS
CVE
CVEadded 2022/08/29 4:15 p.m.54 views

CVE-2022-27546

HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser with...

8.3CVSS6.4AI score0.00305EPSS
CVE
CVEadded 2022/11/04 8:15 p.m.53 views

CVE-2022-38660

HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.

8.8CVSS8.7AI score0.00137EPSS
CVE
CVEadded 2022/12/19 11:15 a.m.50 views

CVE-2022-44750

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in ...

9.8CVSS8.1AI score0.03139EPSS
CVE
CVEadded 2022/12/19 11:15 a.m.50 views

CVE-2022-44752

HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously licen...

9.8CVSS8.2AI score0.01542EPSS
CVE
CVEadded 2022/08/29 4:15 p.m.49 views

CVE-2022-27547

HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc.

7.4CVSS6.5AI score0.00313EPSS
CVE
CVEadded 2022/05/19 10:15 p.m.48 views

CVE-2020-4107

HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure.

8.8CVSS7.7AI score0.0011EPSS
CVE
CVEadded 2022/08/29 4:15 p.m.47 views

CVE-2022-27558

HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking.

7.5CVSS6.6AI score0.00222EPSS
CVE
CVEadded 2022/12/19 11:15 a.m.46 views

CVE-2022-44754

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in ...

9.8CVSS8.1AI score0.03139EPSS