CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2016-6113
https://notcve.org/view.php?id=CVE-2016-6113
01 Feb 2017 — IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Verse es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales dentr... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2016-5882
https://notcve.org/view.php?id=CVE-2016-5882
01 Feb 2017 — IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM iNotes es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales den... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 25EXPL: 0CVE-2016-0304
https://notcve.org/view.php?id=CVE-2016-0304
29 Jun 2016 — The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920. La Consola de Java en IBM Domino 8.5.x en versiones anteriores a 8.5.3 FP6 IF13 y 9.x en versiones anteriores a 9.0.1 FP6, cuando se util... • http://www-01.ibm.com/support/docview.wss?uid=swg21983328 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-0277
https://notcve.org/view.php?id=CVE-2016-0277
26 Jun 2016 — Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278, CVE-2016-0279, and CVE-2016-0301. Desbordamiento de buffer basado en memoria dinámica en el filtro KeyView PDF en IBM Domino 8.5.x en versiones anteriores a 8.5.3 FP6 IF13 y 9.x en versiones anteriores a 9.0.1 FP6 permite a atacantes remotos ejecutar código arbitrario... • http://www-01.ibm.com/support/docview.wss?uid=swg21983292 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-0279
https://notcve.org/view.php?id=CVE-2016-0279
26 Jun 2016 — Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301. Desbordamiento de buffer basado en memoria dinámica en el filtro KeyView PDF en IBM Domino 8.5.x en versiones anteriores a 8.5.3 FP6 IF13 y 9.x en versiones anteriores a 9.0.1 FP6 permite a atacantes remotos ejecutar código arbitrario... • http://www-01.ibm.com/support/docview.wss?uid=swg21983292 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-0301
https://notcve.org/view.php?id=CVE-2016-0301
26 Jun 2016 — Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279. Desbordamiento de buffer basado en memoria dinámica en el filtro KeyView PDF en IBM Domino 8.5.x en versiones anteriores a 8.5.3 FP6 IF13 y 9.x en versiones anteriores a 9.0.1 FP6 permite a atacantes remotos ejecutar código arbitrario... • http://www-01.ibm.com/support/docview.wss?uid=swg21983292 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 22EXPL: 0CVE-2016-0278
https://notcve.org/view.php?id=CVE-2016-0278
26 Jun 2016 — Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0279, and CVE-2016-0301. Desbordamiento de buffer basado en memoria dinámica en el filtro KeyView PDF en IBM Domino 8.5.x en versiones anteriores a 8.5.3 FP6 IF13 y 9.x en versiones anteriores a 9.0.1 FP6 permite a atacantes remotos ejecutar código arbitrario... • http://www-01.ibm.com/support/docview.wss?uid=swg21983292 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 2%CPEs: 25EXPL: 0CVE-2015-5040
https://notcve.org/view.php?id=CVE-2015-5040
29 Oct 2015 — Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-4994. Desbordamiento de buffer en IBM Domino 8.5.1 hasta la versión 8.5.3 en versiones anteriores a 8.5.3 FP6 IF10 y 9.x en versiones anteriores a 9.0.1 FP4 IF3 permite a atacantes remotos ejecutar código arbitr... • http://www-01.ibm.com/support/docview.wss?uid=swg21969050 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2015-4994
https://notcve.org/view.php?id=CVE-2015-4994
29 Oct 2015 — Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-5040. Desbordamiento de buffer en IBM Domino 8.5.1 hasta la versión 8.5.3 en versiones anteriores a 8.5.3 FP6 IF10 y 9.x en versiones anteriores a 9.0.1 FP4 IF3 permite a atacantes remotos ejecutar código arbitr... • http://www-01.ibm.com/support/docview.wss?uid=swg21969050 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2014
https://notcve.org/view.php?id=CVE-2015-2014
23 Aug 2015 — Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA. Vulnerabilidad de redireccionamiento abierto en el servidor web en IBM Domino en 8.5 en versiones anteriores a 8.5.3 FP6 IF9 y en 9.0 en versiones anteriores a 9.0.1 FP4, permite a atacantes remotos redirigir a los usuarios a sitio... • http://www-01.ibm.com/support/docview.wss?uid=swg21963016 •