Export limit exceeded: 366658 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366658 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (290 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4142 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting. | ||||
| CVE-2007-4222 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email. | ||||
| CVE-2007-0977 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428. | ||||
| CVE-2007-0068 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database. | ||||
| CVE-2007-5406 | 3 Autonomy, Ibm, Symantec | 3 Keyview, Lotus Notes, Mail Security | 2026-04-23 | N/A |
| kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. | ||||
| CVE-2007-1739 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation. | ||||
| CVE-2008-1216 | 1 Ibm | 1 Lotus Quickr Server | 2026-04-23 | N/A |
| IBM Lotus Quickr 8.0 server, and possibly QuickPlace 7.x, does not properly identify URIs containing cross-site scripting (XSS) attack strings, which allows remote attackers to inject arbitrary web script or HTML via a Calendar OpenDocument action to main.nsf with a Count parameter containing a JavaScript event in a malformed element, as demonstrated by an onload event in an IFRAME element. | ||||
| CVE-2009-3114 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K. | ||||
| CVE-2008-4564 | 3 Autonomy, Ibm, Symantec | 10 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 7 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. | ||||
| CVE-2008-4807 | 1 Ibm | 1 Lotus Connections | 2026-04-23 | N/A |
| IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6706 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. | ||||
| CVE-2007-3510 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name. | ||||
| CVE-2008-0066 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2026-04-23 | N/A |
| Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. | ||||
| CVE-2008-0834 | 1 Ibm | 1 Lotus Quickr | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-1718 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2026-04-23 | N/A |
| Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. | ||||
| CVE-2008-2240 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header. | ||||
| CVE-2008-1965 | 1 Ibm | 2 Lotus Expeditor Client, Lotus Symphany | 2026-04-23 | N/A |
| Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products, allows remote attackers to execute arbitrary code by injecting a -launcher option via a cai: URI, as demonstrated by a reference to a UNC share pathname. | ||||
| CVE-2010-0274 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2026-04-23 | N/A |
| Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5. | ||||
| CVE-2008-2499 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | ||||
| CVE-2008-0243 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors. | ||||