CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2011-1393
https://notcve.org/view.php?id=CVE-2011-1393
27 Dec 2011 — Unspecified vulnerability in the authentication functionality in the server in IBM Lotus Domino 8.x before 8.5.2 FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Notes RPC packet. Vulnerabilidad sin especificar en la funcionalidad de autenticación en el servidor de IBM Lotus Domino 8.x anteriores a 8.5.2 FP4 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de un paquete RPC Notes modificado. • http://secunia.com/advisories/47331 •
CVSS: 10.0EPSS: 10%CPEs: 74EXPL: 0CVE-2011-0913 – Lotus Domino Server diiop getEnvironmentString Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0913
07 Feb 2011 — Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache. Desbordamiento de búfer basado en pila en ndiiop.exe en la aplicación DIIOP en el servidor de IBM Lotus Domino v8.5.3 y anteriores, permite a atacantes remotos ejecutar código de su elección mediante una petición getEnvironmentString de GIOP, relacionado con la caché... • http://secunia.com/advisories/43208 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 11%CPEs: 74EXPL: 0CVE-2011-0914 – Lotus Domino Server diiop Client Request Operation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0914
07 Feb 2011 — Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow. Error de presencia de signo (signedness) en enteros en ndiiop.exe en la aplicación DIIOP en el servidor de IBM Lotus Domino v8.5.3 y anteriores, permite a atacantes remotos ejecutar código se elección mediante una petición del cliente GIOP, dando lugar a un desbordamiento de búfe... • http://secunia.com/advisories/43208 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 15%CPEs: 74EXPL: 0CVE-2011-0915 – IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0915
07 Feb 2011 — Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23. Desbordamiento de búfer basado en pila en nrouter.exe en IBM Lotus Domino v8.5.3 y anteriores, permite a atacantes remotos ejecutar código de su elección a través de un parámetro de nombre largo en el encabezado Content-Type de convocatoria de ... • http://secunia.com/advisories/43208 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 83%CPEs: 5EXPL: 1CVE-2008-2240 – IBM Lotus Domino Web Server - Accept-Language Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2240
22 May 2008 — Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header. Desbordamiento de búfer basado en pila en el Servicio Web Server en IBM Lotus Domino anterior a 7.0.3 FP1 y 8.x anterior a 8.0.1, permite a atacantes remotos provocar una denegación de servicio (caída de demonio) o la posibilidad de ejecutar código de su ... • https://www.exploit-db.com/exploits/16697 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 87%CPEs: 17EXPL: 6CVE-2007-4474 – IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4474
27 Dec 2007 — Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. Múltiples desbordamientos de búfer basado en pila en el control ActiveX IBM Lotus Dom... • https://www.exploit-db.com/exploits/4818 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5924
https://notcve.org/view.php?id=CVE-2007-5924
10 Nov 2007 — Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la tarea del Servidor Web (HTTP) en el IBM Lotus Domino anterior al 6.5.6 FP2 y el 7.x anterior al 7.0.2 FP2, permite a atacantes remotos autenticados la inyección de secuencias de comandos web o HTML de su ele... • http://jvn.jp/jp/JVN%2384565055/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2007-5544
https://notcve.org/view.php?id=CVE-2007-5544
29 Oct 2007 — IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. IBM Lotus Notes versiones anteriores 6.5.6, y 7.x versiones anteriores a 7.0.3; y Domino versiones anteriores 6.5.5 FP3, y 7.x versiones anteriores 7.0.2 FP1; utiliza permisos débiles (... • http://secunia.com/advisories/27321 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2006-5818
https://notcve.org/view.php?id=CVE-2006-5818
08 Nov 2006 — Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en el tunekrnl de IBM Lotus Domino 6.x en versiones anteriores a la 6.5.5 FP2 y 7.x en versiones anteriores a la 7.0.2 permite a usuarios locales obtener privilegios y ejecutar código de su elección a través de vectores sin especificar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=440 •
CVSS: 7.8EPSS: 2%CPEs: 18EXPL: 0CVE-2005-2712
https://notcve.org/view.php?id=CVE-2005-2712
31 Dec 2005 — The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference. • http://securitytracker.com/id?1015611 •