Vulnerabilities > IBM > Domino > 9.0.1.2

DATE CVE VULNERABILITY TITLE RISK
2018-12-20 CVE-2018-1771 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Domino and Notes
IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe.
local
low complexity
ibm CWE-119
7.8
7.8
2017-06-07 CVE-2016-6087 Improper Input Validation vulnerability in IBM Domino
IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation.
network
low complexity
ibm CWE-20
critical
 9.8
9.8
2017-02-01 CVE-2016-6113 Cross-site Scripting vulnerability in IBM Domino and Inotes
IBM Verse is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2017-02-01 CVE-2016-5884 Cross-site Scripting vulnerability in IBM Domino and Inotes
IBM iNotes is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2017-02-01 CVE-2016-5882 Cross-site Scripting vulnerability in IBM Domino and Inotes
IBM iNotes is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2017-02-01 CVE-2016-5880 Cross-site Scripting vulnerability in IBM Domino and Inotes
IBM iNotes is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-02-01 CVE-2016-2939 Cross-site Scripting vulnerability in IBM Domino and Inotes
IBM iNotes is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2017-02-01 CVE-2016-2938 Cross-site Scripting vulnerability in IBM Domino and Inotes
IBM iNotes is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2016-06-29 CVE-2016-0304 Improper Access Control vulnerability in IBM Domino
The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J.
network
high complexity
ibm CWE-284
8.1
8.1
2016-06-26 CVE-2016-0301 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Domino
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279.
local
low complexity
ibm CWE-119
7.8
7.8