Domino Security Vulnerabilities and Issues — Domino CVE List

Lucene search

IbmDomino

11 matches found

CVE•added 2015/04/21 4:59 p.m.•58 views

CVE-2015-0135

IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.

10CVSS7.7AI score0.32382EPSS

CVE•added 2015/04/06 12:59 a.m.•57 views

CVE-2015-0179

Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V.

7.2CVSS6.1AI score0.00692EPSS

CVE•added 2015/05/20 10:59 a.m.•54 views

CVE-2015-1902

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.

10CVSS8.1AI score0.34021EPSS

CVE•added 2015/04/06 12:59 a.m.•45 views

CVE-2015-0117

The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, aka SPR KLYH9SLRGM.

10CVSS7.9AI score0.13677EPSS

CVE•added 2015/10/29 11:59 a.m.•42 views

CVE-2015-5040

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-201...

7.5CVSS8AI score0.02441EPSS

CVE•added 2015/10/29 10:59 a.m.•40 views

CVE-2015-4994

7.5CVSS8AI score0.02441EPSS

CVE•added 2015/04/06 12:59 a.m.•38 views

CVE-2015-0134

Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS8AI score0.19248EPSS

CVE•added 2015/05/20 10:59 a.m.•36 views

CVE-2015-1903

Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.

10CVSS8AI score0.34021EPSS

CVE•added 2015/06/28 2:59 p.m.•36 views

CVE-2015-1981

Cross-site scripting (XSS) vulnerability in the web server in IBM Domino 8.5.x before 8.5.3 FP6 IF8 and 9.x before 9.0.1 FP4, when Webmail is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH9WYPR5.

2.1CVSS5.2AI score0.00295EPSS

CVE•added 2015/08/23 1:59 a.m.•36 views

CVE-2015-2014

Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.

5.8CVSS5.8AI score0.00201EPSS

CVE•added 2015/08/23 1:59 a.m.•34 views

CVE-2015-2015

Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the Directory template) in the web server in IBM Domino before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH8WBPRN.

4.3CVSS5.6AI score0.00236EPSS