Lotus Domino CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (127 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2013-4051	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4055.
CVE-2013-4063	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP.
CVE-2013-4064	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA.
CVE-2013-4068	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8.
CVE-2013-3032	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA.
CVE-2012-4822	3 Ibm, Redhat, Tivoli Storage Productivity Center	18 Java, Lotus Domino, Lotus Notes and 15 more	2025-04-11	N/A
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."
CVE-2013-5388	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F.
CVE-2011-0913	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.
CVE-2011-1424	3 Emc, Ibm, Microsoft	4 Sourceone Email Management, Lotus Domino, Lotus Notes and 1 more	2025-04-11	N/A
The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.
CVE-2011-1505	1 Ibm	2 Lotus Domino, Lotus Quickr	2025-04-11	N/A
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2.
CVE-2011-3576	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf.
CVE-2013-0590	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591.
CVE-2013-0591	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590.
CVE-2013-0595	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3.
CVE-2013-3990	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2.
CVE-2013-4050	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-4055	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4051.
CVE-2013-4065	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPR TCLE98ZKRP.
CVE-2010-0920	1 Ibm	2 Lotus Domino, Lotus Inotes	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."
CVE-2013-3027	1 Ibm	1 Lotus Domino	2025-04-11	N/A
Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW.

« first previous Page 5 of 7. next last »