Filtered by vendor Lotus
Subscriptions
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1047 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2025-04-03 | N/A |
| Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | ||||
| CVE-2002-1010 | 1 Lotus | 1 Domino R4 | 2025-04-03 | N/A |
| Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. | ||||
| CVE-2001-1161 | 1 Lotus | 1 Domino R5 Server | 2025-04-03 | N/A |
| Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script. | ||||
| CVE-2002-2191 | 1 Lotus | 1 Domino | 2025-04-03 | N/A |
| Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. | ||||
| CVE-2000-1203 | 1 Lotus | 1 Domino | 2025-04-03 | N/A |
| Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop. | ||||
| CVE-2002-0087 | 1 Lotus | 1 Domino | 2025-04-03 | N/A |
| bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2002-0245 | 1 Lotus | 1 Domino | 2025-04-03 | N/A |
| Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message. | ||||
| CVE-2001-0846 | 1 Lotus | 1 Domino | 2025-04-03 | N/A |
| Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). | ||||
| CVE-2001-0847 | 1 Lotus | 1 Domino Web Server | 2025-04-03 | N/A |
| Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID. | ||||
| CVE-1999-1012 | 1 Lotus | 1 Domino | 2025-04-03 | N/A |
| SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string. | ||||
| CVE-2003-1408 | 1 Lotus | 1 Domino Server | 2025-04-03 | N/A |
| Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. | ||||