CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0CVE-2012-6277
https://notcve.org/view.php?id=CVE-2012-6277
21 Feb 2020 — Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of unde... • https://support.symantec.com/us/en/article.symsa1262.html •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2018-1435
https://notcve.org/view.php?id=CVE-2018-1435
14 Mar 2018 — IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563. IBM Notes 8.5 y 9.0 es vulnerable a un ataque de secuestro de DLL. Un atacante remoto podría engañar a un usuario para que haga doble clic sobre un ejecutable malicioso en un directorio controlado por el atacante, lo que podría resultar en la ejecución de código. • http://www.ibm.com/support/docview.wss?uid=swg22014198 • CWE-426: Untrusted Search Path •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2018-1437
https://notcve.org/view.php?id=CVE-2018-1437
14 Mar 2018 — IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. A local attacker could exploit this vulnerability to DLL hijacking to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 139565. IBM Notes 8.5 y 9.0 podría permitir que un atacante ejecute código arbitrario en el sistema. Esto ha sido provocado por un error relacionado con múltiples rutas de búsqueda no fiables. • http://www.ibm.com/support/docview.wss?uid=swg22014201 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-1711
https://notcve.org/view.php?id=CVE-2017-1711
13 Feb 2018 — IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532. Las versiones 8.5 y 9.0 de IBM iNotes SUService pueden manipularse para que ejecuten código malicioso de un DLL disfrazado de DLL de windows en el directorio temp. IBM X-Force ID: 134532. • http://www.ibm.com/support/docview.wss?uid=swg22010774 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-1714
https://notcve.org/view.php?id=CVE-2017-1714
13 Feb 2018 — IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633. IBM Notes and Domino NSD 8.5 y 9.0 podrían permitir que un usuario local autenticado sin privilegios administrativos obtenga privilegios System. IBM X-Force ID: 134633. • http://www.ibm.com/support/docview.wss?uid=swg22010776 •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-1720
https://notcve.org/view.php?id=CVE-2017-1720
13 Feb 2018 — IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC. IBM X-Force ID: 134807. Las versiones 8.5 y 9.0 de IBM Notes podrían permitir que un atacante local ejecute comandos arbitrarios manipulando cuidadosamente una línea de comandos enviada mediante el IPC de la memoria compartida. IBM X-Force ID: 134807. • http://www.ibm.com/support/docview.wss?uid=swg22010766 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 47EXPL: 0CVE-2014-0892
https://notcve.org/view.php?id=CVE-2014-0892
23 Apr 2014 — IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W. IBM Notes y Domino 8.5.x anterior a 8.5.3 FP6 IF3 y 9.x anterior a 9.0.1 FP1 en plataformas de 32-bit de Linux utilizan opciones gcc incorrectas, lo que facilita a atacantes remotos ejecutar código... • http://www-01.ibm.com/support/docview.wss?uid=swg21670264 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 8%CPEs: 19EXPL: 0CVE-2012-6349
https://notcve.org/view.php?id=CVE-2012-6349
18 Jul 2013 — Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W. Desbordamiento de búfer en el parser .mdb en Autonomy KeyView IDOL, como se utilizaba en IBM Notes v8.5.x anterior a v8.5.3 FP4, permite a atacantes remotos ejecutar código arbitrario a través de un archivo especialmente elaborado, también conocido como SPR KLYH92XL3W. • http://www-01.ibm.com/support/docview.wss?uid=swg21627992 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 21%CPEs: 42EXPL: 1CVE-2013-2977
https://notcve.org/view.php?id=CVE-2013-2977
10 May 2013 — Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q. Desbordamiento de entero en IBM Notes v8.5.x anterior a v8.5.3 FP4 Interim Fix 1 y v9.x anterior a v9.0 Interim Fix 1 en Windows, y v8.5.x anterior a v8.5.3 FP5 y v9.x anterior a v9.0.1 en Linux, permite a atacantes... • https://github.com/defrancescojp/CVE-2013-2977 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 0CVE-2013-0127
https://notcve.org/view.php?id=CVE-2013-0127
01 May 2013 — IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49. IBM Lotus Notes v8.x anterior a v8.5.3 FP4 Interim Fix v1 y v9.0 anterior a Interim Fix 1 no bloquea elementos APPLET en correos HTML, lo cual permite a atacantes remotos eludir restricciones de ejecuci... • http://seclists.org/fulldisclosure/2013/Apr/262 • CWE-264: Permissions, Privileges, and Access Controls •