CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23562 – HCL Domino is susceptible to an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-23562
08 Jul 2024 — This vulnerability is being re-assessed. Vulnerability details will be updated. The security bulletin will be republished when further details are available. Una vulnerabilidad de seguridad en HCL Domino podría permitir la divulgación de información de configuración confidencial. Un atacante remoto no autenticado podría aprovechar esta vulnerabilidad para obtener información y lanzar más ataques contra el sistema afectado. A security vulnerability in HCL Domino could allow disclosure of sensitive configurat... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113822 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23588 – A denial of service vulnerability affects HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-23588
05 Jul 2024 — HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability. El servidor HCL Nomad en Domino no maneja adecuadamente a los usuarios configurados con acceso limitado a Domino, lo que genera una posible vulnerabilidad de denegación de servicio. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37539 – HCL Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2023-37539
06 Jun 2024 — The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. An attacker with the ability to edit documents in the catalog application/database created from this template can embed a cross site scripting attack. The attack would be activated by an end user clicking it. The Domino Catalog template es susceptible a una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado. Un atacante con la capacidad de editar documentos en la aplicación/base de datos del catálogo creada... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113715 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28010 – HCL Domino is susceptible to a sensitive information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-28010
08 Sep 2023 — In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks. En algunos escenarios de configuración, el nombre de host del servidor de Domino puede estar expuesto. Esta información podría usarse para dirigir futuros ataques. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107388 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 18EXPL: 0CVE-2022-44754 – HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
https://notcve.org/view.php?id=CVE-2022-44754
17 Dec 2022 — HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750. This vulnerability applies to software previously licensed by IBM. HCL Domino es susceptible a una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en lasr.dll en Micro Fo... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 18EXPL: 0CVE-2022-44752 – HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView
https://notcve.org/view.php?id=CVE-2022-44752
17 Dec 2022 — HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously licensed by IBM. HCL Domino es susceptible a una vulnerabilidad de desbordamiento del búfer basada en pila en wp6sr.dll en Micro Focus KeyView. Esto podría permitir que un atacante remoto no autenticado bloquee la apli... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2022-44750 – HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
https://notcve.org/view.php?id=CVE-2022-44750
17 Dec 2022 — HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754. This vulnerability applies to software previously licensed by IBM. HCL Domino es susceptible a una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en lasr.dll en Micro Fo... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 31EXPL: 0CVE-2022-38654 – HCL Domino is susceptible to an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2022-38654
04 Nov 2022 — HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record. HCL Domino es susceptible a una vulnerabilidad de divulgación de información. En algunos escenarios, las llamadas locales realizadas en el servidor para buscar en el directorio Domino ignorarán las restricciones de ... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-38660 – HCL XPages applications are susceptible to Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2022-38660
04 Nov 2022 — HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user. Las aplicaciones HCL XPages son susceptibles a una vulnerabilidad de Cross-Site Request Forgery (CSRF). Un atacante no autenticado podría aprovechar esta vulnerabilidad para realizar acciones en la aplicación en nombre del usuario que inició sesión. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101037 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-27558 – HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability.
https://notcve.org/view.php?id=CVE-2022-27558
29 Aug 2022 — HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking. HCL iNotes es susceptible de sufrir una vulnerabilidad de comprobación de solidez de la contraseña. Las políticas de contraseñas personalizadas no son aplican en determinados formularios de iNotes, lo que podría permitir a usuarios establecer contraseñas débiles, conllevando a una mayor facil... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100217 • CWE-521: Weak Password Requirements •