cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-1771,https://securityvulnerability.io/vulnerability/CVE-2018-1771,,IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.,IBM,Domino,8.4,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2018-12-20T14:29:00.000Z,0
CVE-2016-6087,https://securityvulnerability.io/vulnerability/CVE-2016-6087,,IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. IBM X-Force ID: 117918.,IBM,Domino,9.8,CRITICAL,0.005470000207424164,false,,false,false,false,,,false,false,,2017-06-07T17:00:00.000Z,0
CVE-2017-1274,https://securityvulnerability.io/vulnerability/CVE-2017-1274,,"IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.",IBM,Domino,8.8,HIGH,0.007060000207275152,false,,false,false,false,,,false,false,,2017-04-25T18:00:00.000Z,0
CVE-2016-0270,https://securityvulnerability.io/vulnerability/CVE-2016-0270,,"IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a ""forbidden attack."" NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue.",IBM,"Notes,Domino,Client Application Access",5.9,MEDIUM,0.004920000210404396,false,,false,false,false,,,false,false,,2017-02-08T16:00:00.000Z,0
CVE-2016-2938,https://securityvulnerability.io/vulnerability/CVE-2016-2938,,IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,"IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7",6.1,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-2939,https://securityvulnerability.io/vulnerability/CVE-2016-2939,,IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM Corporation,Domino,6.1,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-6113,https://securityvulnerability.io/vulnerability/CVE-2016-6113,,IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,Domino,6.1,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-5884,https://securityvulnerability.io/vulnerability/CVE-2016-5884,,IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,"IBM Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7",6.1,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-5882,https://securityvulnerability.io/vulnerability/CVE-2016-5882,,IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,Domino,6.1,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-5880,https://securityvulnerability.io/vulnerability/CVE-2016-5880,,IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.,IBM,Domino,5.4,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2016-0304,https://securityvulnerability.io/vulnerability/CVE-2016-0304,,"The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920.",IBM,Domino,8.1,HIGH,0.004650000017136335,false,,false,false,false,,,false,false,,2016-06-29T01:00:00.000Z,0
CVE-2016-0301,https://securityvulnerability.io/vulnerability/CVE-2016-0301,,"Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0279.",IBM,Domino,7.8,HIGH,0.0061900001019239426,false,,false,false,false,,,false,false,,2016-06-26T14:00:00.000Z,0
CVE-2016-0278,https://securityvulnerability.io/vulnerability/CVE-2016-0278,,"Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0279, and CVE-2016-0301.",IBM,Domino,7.8,HIGH,0.016769999638199806,false,,false,false,false,,,false,false,,2016-06-26T14:00:00.000Z,0
CVE-2016-0279,https://securityvulnerability.io/vulnerability/CVE-2016-0279,,"Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301.",IBM,Domino,7.8,HIGH,0.007790000177919865,false,,false,false,false,,,false,false,,2016-06-26T14:00:00.000Z,0
CVE-2016-0277,https://securityvulnerability.io/vulnerability/CVE-2016-0277,,"Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0278, CVE-2016-0279, and CVE-2016-0301.",IBM,Domino,7.8,HIGH,0.007790000177919865,false,,false,false,false,,,false,false,,2016-06-26T14:00:00.000Z,0
CVE-2015-5040,https://securityvulnerability.io/vulnerability/CVE-2015-5040,,"Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-4994.",IBM,Domino,,,0.02425999939441681,false,,false,false,false,,,false,false,,2015-10-29T10:00:00.000Z,0
CVE-2015-4994,https://securityvulnerability.io/vulnerability/CVE-2015-4994,,"Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-5040.",IBM,Domino,,,0.02425999939441681,false,,false,false,false,,,false,false,,2015-10-29T10:00:00.000Z,0
CVE-2015-2015,https://securityvulnerability.io/vulnerability/CVE-2015-2015,,"Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the Directory template) in the web server in IBM Domino before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH8WBPRN.",IBM,Domino,,,0.0013200000394135714,false,,false,false,false,,,false,false,,2015-08-23T01:00:00.000Z,0
CVE-2015-2014,https://securityvulnerability.io/vulnerability/CVE-2015-2014,,"Open redirect vulnerability in the web server in IBM Domino 8.5 before 8.5.3 FP6 IF9 and 9.0 before 9.0.1 FP4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via a crafted URL, aka SPR SJAR9DNGDA.",IBM,Domino,,,0.0014199999859556556,false,,false,false,false,,,false,false,,2015-08-23T01:00:00.000Z,0
CVE-2015-1981,https://securityvulnerability.io/vulnerability/CVE-2015-1981,,"Cross-site scripting (XSS) vulnerability in the web server in IBM Domino 8.5.x before 8.5.3 FP6 IF8 and 9.x before 9.0.1 FP4, when Webmail is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH9WYPR5.",IBM,Domino,,,0.0008699999889358878,false,,false,false,false,,,false,false,,2015-06-28T14:00:00.000Z,0
CVE-2015-1903,https://securityvulnerability.io/vulnerability/CVE-2015-1903,,"Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.",IBM,Domino,,,0.5140600204467773,false,,false,false,false,,,false,false,,2015-05-20T10:00:00.000Z,0
CVE-2015-1902,https://securityvulnerability.io/vulnerability/CVE-2015-1902,,"Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.",IBM,Domino,,,0.5140600204467773,false,,false,false,false,,,false,false,,2015-05-20T10:00:00.000Z,0
CVE-2015-0135,https://securityvulnerability.io/vulnerability/CVE-2015-0135,,"IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafted GIF image, aka SPR KLYH9T7NT9.",IBM,Domino,,,0.8718100190162659,false,,false,false,false,,,false,false,,2015-04-21T16:00:00.000Z,0
CVE-2015-0117,https://securityvulnerability.io/vulnerability/CVE-2015-0117,,"The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, aka SPR KLYH9SLRGM.",IBM,Domino,,,0.5045300126075745,false,,false,false,false,,,false,false,,2015-04-06T00:00:00.000Z,0
CVE-2015-0134,https://securityvulnerability.io/vulnerability/CVE-2015-0134,,"Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.",IBM,Domino,,,0.04129000008106232,false,,false,false,false,,,false,false,,2015-04-06T00:00:00.000Z,0