Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
IbmLotus Notes

17 matches found

CVE
CVEadded 2002/10/10 4:0 a.m.1067 views

CVE-2002-0370

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 thr...

7.5CVSS7.9AI score0.32271EPSS
CVE
CVEadded 2005/06/21 4:0 a.m.86 views

CVE-2001-1504

Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message.

7.5CVSS8AI score0.02987EPSS
CVE
CVEadded 2014/08/12 12:55 a.m.71 views

CVE-2014-3086

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager.

7.5CVSS4.3AI score0.02857EPSS
CVE
CVEadded 2018/07/16 2:29 p.m.64 views

CVE-2013-0522

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ...

7CVSS6.5AI score0.00042EPSS
CVE
CVEadded 2007/10/29 9:46 p.m.59 views

CVE-2007-5544

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other characte...

7.8CVSS7.3AI score0.00089EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.48 views

CVE-1999-0429

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.

7.5CVSS6.9AI score0.0057EPSS
CVE
CVEadded 2018/02/13 8:29 p.m.46 views

CVE-2017-1714

IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633.

7.8CVSS7.3AI score0.00047EPSS
CVE
CVEadded 2013/06/21 5:55 p.m.45 views

CVE-2013-0536

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

7.2CVSS6.7AI score0.00048EPSS
CVE
CVEadded 2006/01/09 11:3 a.m.44 views

CVE-2006-0121

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MK...

7.8CVSS6.3AI score0.01076EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.42 views

CVE-2000-0891

A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.

7.5CVSS7.5AI score0.03323EPSS
CVE
CVEadded 2018/02/13 8:29 p.m.42 views

CVE-2017-1711

IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532.

7.8CVSS7.2AI score0.00214EPSS
CVE
CVEadded 2018/02/19 2:29 p.m.40 views

CVE-2018-1411

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710.

7.8CVSS7.5AI score0.0003EPSS
CVE
CVEadded 2018/03/14 12:29 a.m.39 views

CVE-2018-1435

IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563.

7.8CVSS7.5AI score0.00991EPSS
CVE
CVEadded 2009/09/09 10:30 p.m.37 views

CVE-2009-3114

The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K.

7.5CVSS7AI score0.00772EPSS
CVE
CVEadded 2001/01/09 5:0 a.m.36 views

CVE-2000-1138

Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.

7.5CVSS6.9AI score0.00467EPSS
CVE
CVEadded 2018/02/19 2:29 p.m.36 views

CVE-2018-1410

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709.

7.8CVSS7.5AI score0.00042EPSS
CVE
CVEadded 2018/02/19 2:29 p.m.35 views

CVE-2018-1409

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708.

7.8CVSS7.5AI score0.0003EPSS