CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0CVE-2012-6277
https://notcve.org/view.php?id=CVE-2012-6277
21 Feb 2020 — Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of unde... • https://support.symantec.com/us/en/article.symsa1262.html •
CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2018-1771
https://notcve.org/view.php?id=CVE-2018-1771
20 Dec 2018 — IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687. IBM Domino 9.0 y 9.0.1 podría permitir que un atacante ejecute comandos en el sistema desencadenando un desbordamiento de búfer en el análisis de los argumentos de la línea de comandos que se pasan a nsd.exe. IBM X-Force ID: 148687. • https://exchange.xforce.ibmcloud.com/vulnerabilities/148687 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 27EXPL: 0CVE-2016-6087
https://notcve.org/view.php?id=CVE-2016-6087
07 Jun 2017 — IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. IBM X-Force ID: 117918. IBM Domino versiones 8.5 y 9.0 podría permitir a un atacante robar credenciales utilizando varias sesiones y grandes cantidades de datos mediante la validación de Domino TLS Key Exchange. IBM X-Force ID: 117918. • http://www.ibm.com/support/docview.wss?uid=swg22002808 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 17%CPEs: 5EXPL: 2CVE-2017-1274 – Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)
https://notcve.org/view.php?id=CVE-2017-1274
25 Apr 2017 — IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749. IBM Domino versiones 8.5.3 y 9.0 es vulnerable a desbordamiento basado en pila en el servicio IMAP lo que podría permitir a un atacante autenticado ejecutar código arbitrario especificando un nombre largo de buzón. IBM X-Force ID: 124749. • https://packetstorm.news/files/id/152786 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2016-0270
https://notcve.org/view.php?id=CVE-2016-0270
08 Feb 2017 — IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack." NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue. IBM ... • http://www-01.ibm.com/support/docview.wss?uid=swg21979604 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2016-2938
https://notcve.org/view.php?id=CVE-2016-2938
01 Feb 2017 — IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM iNotes es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales den... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2016-2939
https://notcve.org/view.php?id=CVE-2016-2939
01 Feb 2017 — IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM iNotes es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales den... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 51EXPL: 0CVE-2016-5880
https://notcve.org/view.php?id=CVE-2016-5880
01 Feb 2017 — IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM iNotes es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales den... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2016-5882
https://notcve.org/view.php?id=CVE-2016-5882
01 Feb 2017 — IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM iNotes es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales den... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2016-5884
https://notcve.org/view.php?id=CVE-2016-5884
01 Feb 2017 — IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM iNotes es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación de credenciales den... • http://www.ibm.com/support/docview.wss?uid=swg21992835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •