Lucene search

K
IbmDomino

27 matches found

CVE
CVE
added 2020/02/21 5:15 p.m.132 views

CVE-2012-6277

Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8...

9.3CVSS8.1AI score0.0325EPSS
CVE
CVE
added 2017/04/25 6:59 p.m.101 views

CVE-2017-1274

IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.

8.8CVSS8.6AI score0.17768EPSS
CVE
CVE
added 2016/06/26 2:59 p.m.61 views

CVE-2016-0277

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278, CVE-2016-0279, and CVE-2016-0301.

7.8CVSS7.8AI score0.04981EPSS
CVE
CVE
added 2016/06/26 2:59 p.m.60 views

CVE-2016-0279

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301.

7.8CVSS7.8AI score0.04981EPSS
CVE
CVE
added 2015/04/21 4:59 p.m.58 views

CVE-2015-0135

IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.

10CVSS7.7AI score0.32382EPSS
CVE
CVE
added 2015/04/06 12:59 a.m.57 views

CVE-2015-0179

Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.

7.2CVSS6.1AI score0.00692EPSS
CVE
CVE
added 2015/05/20 10:59 a.m.54 views

CVE-2015-1902

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.

10CVSS8.1AI score0.34021EPSS
CVE
CVE
added 2016/06/26 2:59 p.m.51 views

CVE-2016-0278

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0279, and CVE-2016-0301.

7.8CVSS7.8AI score0.04981EPSS
CVE
CVE
added 2018/12/20 2:29 p.m.50 views

CVE-2018-1771

IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.

8.4CVSS7.9AI score0.00033EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.46 views

CVE-2016-5882

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00282EPSS
CVE
CVE
added 2015/04/06 12:59 a.m.45 views

CVE-2015-0117

The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, aka SPR KLYH9SLRGM.

10CVSS7.9AI score0.13677EPSS
CVE
CVE
added 2017/02/08 4:59 p.m.45 views

CVE-2016-0270

IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden att...

5.9CVSS5.5AI score0.00707EPSS
CVE
CVE
added 2016/06/29 1:59 a.m.45 views

CVE-2016-0304

The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE...

8.1CVSS8.5AI score0.04369EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.45 views

CVE-2016-5880

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.44 views

CVE-2016-5884

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00282EPSS
CVE
CVE
added 2015/10/29 11:59 a.m.42 views

CVE-2015-5040

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-201...

7.5CVSS8AI score0.02441EPSS
CVE
CVE
added 2016/06/26 2:59 p.m.42 views

CVE-2016-0301

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279.

7.8CVSS7.8AI score0.04981EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.41 views

CVE-2016-2938

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00282EPSS
CVE
CVE
added 2015/10/29 10:59 a.m.40 views

CVE-2015-4994

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-201...

7.5CVSS8AI score0.02441EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.40 views

CVE-2016-2939

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00282EPSS
CVE
CVE
added 2015/04/06 12:59 a.m.38 views

CVE-2015-0134

Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS8AI score0.19248EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.37 views

CVE-2016-6113

IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00282EPSS
CVE
CVE
added 2015/05/20 10:59 a.m.36 views

CVE-2015-1903

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.

10CVSS8AI score0.34021EPSS
CVE
CVE
added 2015/06/28 2:59 p.m.36 views

CVE-2015-1981

Cross-site scripting (XSS) vulnerability in the web server in IBM Domino 8.5.x before 8.5.3 FP6 IF8 and 9.x before 9.0.1 FP4, when Webmail is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH9WYPR5.

2.1CVSS5.2AI score0.00295EPSS
CVE
CVE
added 2015/08/23 1:59 a.m.36 views

CVE-2015-2014

Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.

5.8CVSS5.8AI score0.00201EPSS
CVE
CVE
added 2017/06/07 5:29 p.m.36 views

CVE-2016-6087

IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. IBM X-Force ID: 117918.

9.8CVSS8.9AI score0.01433EPSS
CVE
CVE
added 2015/08/23 1:59 a.m.34 views

CVE-2015-2015

Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the Directory template) in the web server in IBM Domino before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH8WBPRN.

4.3CVSS5.6AI score0.00236EPSS