Skip to main content

Lotus Inotes

13 CVEs product

Monthly

CVE-2016-0282 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Lotus Inotes
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2014-0913 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4065 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
2.6
EPSS
0.2%
CVE-2013-4064 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2013-4063 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4068 HIGH PATCH This Week

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow RCE IBM Lotus Domino Lotus Inotes
NVD
CVSS 2.0
7.1
EPSS
9.0%
CVE-2013-0595 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0591 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0590 LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino Lotus Inotes
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0536 HIGH This Week

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation IBM Lotus Inotes Lotus Notes Lotus Notes Traveler
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2013-0525 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX. Rated low severity (CVSS 1.5). No vendor patch available.

IBM XSS Lotus Inotes
NVD
CVSS 2.0
1.5
EPSS
0.1%
CVE-2012-5943 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Inotes
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-2175 CRITICAL POC THREAT Emergency

Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 66.5%.

Buffer Overflow RCE IBM Lotus Inotes
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
66.5%
Threat
5.4
EPSS 0% CVSS 5.4
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Lotus Inotes
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 2.6
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 9% CVSS 7.1
HIGH PATCH This Week

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow RCE IBM +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation IBM Lotus Inotes +2
NVD
EPSS 0% CVSS 1.5
LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX. Rated low severity (CVSS 1.5). No vendor patch available.

IBM XSS Lotus Inotes
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Inotes
NVD
EPSS 66% 5.4 CVSS 9.3
CRITICAL POC THREAT Emergency

Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 66.5%.

Buffer Overflow RCE IBM +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy