Skip to main content

Notes

77 CVEs product

Monthly

CVE-2025-21037 MEDIUM Monitor

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. Rated medium severity (CVSS 4.1), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Notes
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-21036 MEDIUM This Month

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Notes
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-20977 LOW Monitor

Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Notes
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-20976 MEDIUM This Month

Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-20950 MEDIUM Monitor

Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notes Samsung
NVD
CVSS 3.1
4.0
EPSS
0.1%
CVE-2025-20933 MEDIUM This Month

Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20932 MEDIUM This Month

Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20931 HIGH This Week

Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Samsung Notes
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-20930 MEDIUM This Month

Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20929 HIGH This Week

Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Samsung Notes
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-20928 MEDIUM This Month

Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20927 MEDIUM This Month

Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20925 MEDIUM This Month

Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20924 MEDIUM This Month

Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Notes
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2025-20922 MEDIUM This Month

Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20921 MEDIUM This Month

Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20920 MEDIUM This Month

Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20919 MEDIUM This Month

Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20918 MEDIUM This Month

Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20917 MEDIUM This Month

Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20916 MEDIUM This Month

Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20915 MEDIUM This Month

Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20914 MEDIUM This Month

Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-20913 MEDIUM This Month

Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-34660 HIGH This Week

Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung Memory Corruption Notes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34658 HIGH This Week

Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-34657 CRITICAL Act Now

Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung Memory Corruption Notes
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-34656 HIGH This Week

Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Samsung Notes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34635 LOW Monitor

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-34634 LOW Monitor

Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-34633 LOW Monitor

Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-34632 LOW Monitor

Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-34631 MEDIUM This Month

Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34630 MEDIUM This Month

Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34629 MEDIUM This Month

Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34628 MEDIUM This Month

Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34627 MEDIUM This Month

Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34626 MEDIUM This Month

Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34625 MEDIUM This Month

Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34624 MEDIUM This Month

Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-34623 HIGH This Week

Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung Memory Corruption Notes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34622 HIGH This Week

Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung Memory Corruption Notes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34621 MEDIUM This Month

Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-37317 MEDIUM PATCH This Month

The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Nextcloud Notes
NVD GitHub
CVSS 3.1
4.6
EPSS
0.3%
CVE-2024-20868 HIGH This Week

Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Notes
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-39955 MEDIUM PATCH This Month

Notes is a note-taking app for Nextcloud, an open-source cloud platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nextcloud Notes
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-44755 HIGH This Week

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption IBM RCE Buffer Overflow Notes
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2022-44753 HIGH This Week

HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption IBM RCE Buffer Overflow Notes
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-44751 HIGH This Week

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption IBM RCE Buffer Overflow Notes
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-36831 MEDIUM This Month

Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Path Traversal Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-25498 HIGH This Week

A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Notes
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25497 HIGH This Week

A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Notes
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25496 HIGH This Week

A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Notes
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25495 HIGH This Week

A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Heap Overflow RCE Notes
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25494 HIGH This Week

A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Information Disclosure Notes
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-25493 HIGH This Week

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Information Disclosure Notes
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2021-25492 HIGH This Week

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Notes
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2021-25405 MEDIUM This Month

An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Notes
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-25402 LOW Monitor

Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Notes
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-25367 MEDIUM This Month

Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Samsung Path Traversal Notes
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-25355 HIGH This Week

Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Notes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-14224 CRITICAL PATCH Act Now

A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Notes
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-14232 HIGH This Week

A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Notes
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2020-14268 CRITICAL PATCH Act Now

A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Notes
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-4102 MEDIUM This Month

HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Notes
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-14258 HIGH PATCH This Week

HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Notes
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-4097 MEDIUM This Month

In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1, a vulnerability in the input. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Notes
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2020-14240 MEDIUM This Month

HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to a Stored Cross-site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Notes
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-4089 MEDIUM This Month

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notes
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2018-1771 HIGH PATCH This Week

IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

IBM Buffer Overflow Domino Notes
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-10501 HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. Rated high severity (CVSS 7.0). No vendor patch available.

Samsung Path Traversal Notes
NVD
CVSS 3.0
7.0
EPSS
0.3%
CVE-2018-1437 HIGH PATCH This Week

IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

IBM RCE Notes
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2018-1435 HIGH PATCH This Week

IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

IBM RCE Notes
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2018-1411 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1410 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1409 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-0270 MEDIUM PATCH This Month

IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix IBM Information Disclosure Client Application Access Domino +1
NVD GitHub
CVSS 3.0
5.9
EPSS
0.5%
EPSS 0% CVSS 4.1
MEDIUM Monitor

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. Rated medium severity (CVSS 4.1), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Notes
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Notes
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Notes
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 4.0
MEDIUM Monitor

Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notes Samsung
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Notes
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Samsung +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Samsung +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Samsung +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Samsung +1
NVD
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Nextcloud Notes
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Notes
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Notes is a note-taking app for Nextcloud, an open-source cloud platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nextcloud Notes
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption IBM RCE +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption IBM RCE +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption IBM RCE +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Path Traversal Notes
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Heap Overflow +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Information Disclosure +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Notes
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Notes
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Samsung Path Traversal Notes
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Notes
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Notes
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Notes
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Notes
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Notes
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Notes
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1, a vulnerability in the input. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Notes
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to a Stored Cross-site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Notes
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notes
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

IBM Buffer Overflow Domino +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. Rated high severity (CVSS 7.0). No vendor patch available.

Samsung Path Traversal Notes
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

IBM RCE Notes
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

IBM RCE Notes
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes +1
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix IBM Information Disclosure +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy