Skip to main content

Lotus Domino

31 CVEs product

Monthly

CVE-2014-3086 HIGH This Week

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Java Lotus Notes Lotus Domino +1
NVD
CVSS 2.0
7.5
EPSS
2.9%
CVE-2014-0913 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0892 MEDIUM This Month

IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Information Disclosure Lotus Domino Lotus Notes
NVD VulDB
CVSS 2.0
5.0
EPSS
1.3%
CVE-2014-0822 HIGH This Week

The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x before 9.0.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, aka SPR KLYH9F4S2Z. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM Lotus Domino
NVD
CVSS 2.0
7.8
EPSS
1.1%
CVE-2013-4065 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
2.6
EPSS
0.2%
CVE-2013-4064 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2013-4063 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4055 LOW Monitor

Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-4051 LOW Monitor

Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-4050 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Lotus Domino
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2013-5389 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-5388 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4068 HIGH PATCH This Week

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow RCE IBM Lotus Domino Lotus Inotes
NVD
CVSS 2.0
7.1
EPSS
9.0%
CVE-2013-0595 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0591 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0590 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-3990 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3032 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3027 CRITICAL Act Now

Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE IBM Lotus Domino
NVD
CVSS 2.0
9.3
EPSS
4.4%
CVE-2013-0489 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Lotus Domino
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2013-0488 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-0487 HIGH This Week

The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Java Authentication Bypass Lotus Domino
NVD
CVSS 2.0
8.5
EPSS
0.6%
CVE-2013-0486 MEDIUM This Month

Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service IBM Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2012-4844 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-4842 MEDIUM This Month

Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Lotus Domino
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2012-4823 CRITICAL Act Now

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.4% and no vendor patch available.

Red Hat RCE Java IBM Lotus Domino +14
NVD
CVSS 2.0
9.3
EPSS
14.4%
CVE-2012-4822 CRITICAL Act Now

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 11.3% and no vendor patch available.

Red Hat RCE Java IBM Lotus Domino +14
NVD
CVSS 2.0
9.3
EPSS
11.3%
CVE-2012-4821 CRITICAL Act Now

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat RCE Java IBM Lotus Domino +14
NVD
CVSS 2.0
9.3
EPSS
5.0%
CVE-2012-4820 CRITICAL Act Now

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat Java Information Disclosure IBM Lotus Domino +14
NVD
CVSS 2.0
9.3
EPSS
9.4%
CVE-2012-3302 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-3301 MEDIUM This Month

Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Mozilla IBM Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 3% CVSS 7.5
HIGH This Week

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Java +3
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Information Disclosure +2
NVD VulDB
EPSS 1% CVSS 7.8
HIGH This Week

The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x before 9.0.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, aka SPR KLYH9F4S2Z. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM Lotus Domino
NVD
EPSS 0% CVSS 2.6
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Lotus Domino
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 9% CVSS 7.1
HIGH PATCH This Week

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow RCE IBM +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

IBM XSS Lotus Domino
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE IBM Lotus Domino
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Lotus Domino
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 1% CVSS 8.5
HIGH This Week

The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Java Authentication Bypass +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service IBM Lotus Domino
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Lotus Domino
NVD
EPSS 14% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.4% and no vendor patch available.

Red Hat RCE Java +16
NVD
EPSS 11% CVSS 9.3
CRITICAL Act Now

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 11.3% and no vendor patch available.

Red Hat RCE Java +16
NVD
EPSS 5% CVSS 9.3
CRITICAL Act Now

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat RCE Java +16
NVD
EPSS 9% CVSS 9.3
CRITICAL Act Now

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat Java Information Disclosure +16
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Mozilla IBM +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy