CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-44754 – HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
https://notcve.org/view.php?id=CVE-2022-44754
17 Dec 2022 — HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750. This vulnerability applies to software previously licensed by IBM. HCL Domino es susceptible a una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en lasr.dll en Micro Fo... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-44752 – HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView
https://notcve.org/view.php?id=CVE-2022-44752
17 Dec 2022 — HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously licensed by IBM. HCL Domino es susceptible a una vulnerabilidad de desbordamiento del búfer basada en pila en wp6sr.dll en Micro Focus KeyView. Esto podría permitir que un atacante remoto no autenticado bloquee la apli... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-44750 – HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
https://notcve.org/view.php?id=CVE-2022-44750
17 Dec 2022 — HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754. This vulnerability applies to software previously licensed by IBM. HCL Domino es susceptible a una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en lasr.dll en Micro Fo... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 31EXPL: 0CVE-2022-38654 – HCL Domino is susceptible to an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2022-38654
04 Nov 2022 — HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record. HCL Domino es susceptible a una vulnerabilidad de divulgación de información. En algunos escenarios, las llamadas locales realizadas en el servidor para buscar en el directorio Domino ignorarán las restricciones de ... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-38660 – HCL XPages applications are susceptible to Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2022-38660
04 Nov 2022 — HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user. Las aplicaciones HCL XPages son susceptibles a una vulnerabilidad de Cross-Site Request Forgery (CSRF). Un atacante no autenticado podría aprovechar esta vulnerabilidad para realizar acciones en la aplicación en nombre del usuario que inició sesión. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101037 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2022-27547 – HCL iNotes is susceptible to a link to non-existent domain vulnerability.
https://notcve.org/view.php?id=CVE-2022-27547
29 Aug 2022 — HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc. HCL iNotes es susceptible de una vulnerabilidad de enlace a un dominio no existente. Un atacante podría usar esta vulnerabilidad para engañar a un usuario para que proporcione información confidencial como el nombre de usuario, la contraseña, el número de tarjeta de crédito, etc • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100212 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.3EPSS: 0%CPEs: 59EXPL: 0CVE-2022-27546 – HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2022-27546
29 Aug 2022 — HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials. HCL iNotes es susceptible de sufrir una vulnerabilidad de tipo Cross-site Scripting (XSS) Reflejad... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100216 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4107 – HCL Domino is affected by an Insufficient Access Control vulnerability
https://notcve.org/view.php?id=CVE-2020-4107
19 May 2022 — HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure. HCL Domino está afectado por una vulnerabilidad de Control de Acceso Insuficiente. Un atacante autenticado con acceso local al sistema podría explotar esta vulnerabilidad para conseguir una escalada de privilegios, una denegación de servicio o una divulgación de info... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0090221 • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-14270
https://notcve.org/view.php?id=CVE-2020-14270
22 Dec 2020 — HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server. HCL Domino versiones v9, v10, v11 es susceptible a una vulnerabilidad de divulgación de información en XPages debido al manejo inapropiado de errores de la entrada del usuario. Un atacante no autenticado podría explotar esta vulne... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085881 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14244
https://notcve.org/view.php?id=CVE-2020-14244
14 Dec 2020 — A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the server or inject code into the system which would execute with the privileges of the server. Una vulnerabilidad en el manejo de mensajes MIME del servidor Domino (versiones 9 y 10) podría potencialmente ser explotada por un atacante no autenticado, resultando en un desbordamien... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085761 • CWE-787: Out-of-bounds Write •