Vulnerabilities (CVE)

Filtered by vendor Lotus Subscribe
Total 31 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0290 3 Lotus, Microsoft, Rim 3 Domino, Exchange Server, Blackberry Enterprise Server 2024-02-28 6.5 MEDIUM N/A
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.
CVE-2002-1010 1 Lotus 1 Domino R4 2024-02-28 7.5 HIGH N/A
Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers.
CVE-2001-0939 1 Lotus 1 Domino 2024-02-28 5.0 MEDIUM N/A
Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443.
CVE-2001-0954 1 Lotus 1 Domino 2024-02-28 5.0 MEDIUM N/A
Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory.
CVE-2001-0603 1 Lotus 1 Domino R5 Server 2024-02-28 5.0 MEDIUM N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148.
CVE-2002-0087 1 Lotus 1 Domino 2024-02-28 2.1 LOW N/A
bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files.
CVE-2002-0245 1 Lotus 1 Domino 2024-02-28 7.5 HIGH N/A
Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message.
CVE-2001-1445 1 Lotus 1 Domino Mail Server 2024-02-28 7.5 HIGH N/A
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
CVE-2001-1161 1 Lotus 1 Domino R5 Server 2024-02-28 7.5 HIGH N/A
Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.
CVE-2000-1046 1 Lotus 1 Domino 2024-02-28 10.0 HIGH N/A
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.
CVE-2000-0021 1 Lotus 1 Domino Server 2024-02-28 5.0 MEDIUM N/A
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
CVE-2001-0601 1 Lotus 1 Domino R5 Server 2024-02-28 5.0 MEDIUM N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
CVE-2001-0130 1 Lotus 2 Domino R5 Client, Domino R5 Server 2024-02-28 10.0 HIGH N/A
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
CVE-2001-0847 1 Lotus 1 Domino Web Server 2024-02-28 7.5 HIGH N/A
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
CVE-2000-0022 1 Lotus 1 Domino Server 2024-02-28 5.0 MEDIUM N/A
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
CVE-2001-1018 1 Lotus 1 Domino 2024-02-28 5.0 MEDIUM N/A
Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.
CVE-2001-0604 1 Lotus 1 Domino R5 Server 2024-02-28 5.0 MEDIUM N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters.
CVE-2000-0023 1 Lotus 1 Domino Server 2024-02-28 5.0 MEDIUM N/A
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
CVE-2000-1203 1 Lotus 1 Domino 2024-02-28 5.0 MEDIUM N/A
Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop.
CVE-2000-1047 1 Lotus 2 Domino Enterprise Server, Domino Mail Server 2024-02-28 10.0 HIGH N/A
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.