Filtered by vendor Lotus
Subscribe
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0602 | 1 Lotus | 1 Domino R5 Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices. | |||||
| CVE-2003-1408 | 1 Lotus | 1 Domino Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. | |||||
| CVE-2000-1047 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | |||||
| CVE-2002-1010 | 1 Lotus | 1 Domino R4 | 2025-04-03 | 7.5 HIGH | N/A |
| Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. | |||||
| CVE-2002-0407 | 1 Lotus | 1 Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2) a request containing a large number of periods, which causes htcgibin.exe to leak the pathname in an error message. | |||||
| CVE-2002-2191 | 1 Lotus | 1 Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. | |||||
| CVE-2000-0021 | 1 Lotus | 1 Domino Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. | |||||
| CVE-2002-0087 | 1 Lotus | 1 Domino | 2025-04-03 | 2.1 LOW | N/A |
| bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2001-1445 | 1 Lotus | 1 Domino Mail Server | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands. | |||||
| CVE-2000-1203 | 1 Lotus | 1 Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop. | |||||
| CVE-2001-0954 | 1 Lotus | 1 Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory. | |||||