The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of IBM Lotus Notes

HCL Notes: buffer overflow
An attacker can trigger a buffer overflow of HCL Notes, in order to trigger a denial of service, and possibly to run code...
CVE-2020-14232, KB0085883, VIGILANCE-VUL-34159
HCL Notes: buffer overflow via DXL
An attacker can trigger a buffer overflow via DXL of HCL Notes, in order to trigger a denial of service, and possibly to run code...
CVE-2020-4102, KB0085499, VIGILANCE-VUL-34025
HCL Notes: denial of service via Email Message
An attacker can trigger a fatal error via Email Message of HCL Notes, in order to trigger a denial of service...
CVE-2020-14258, VIGILANCE-VUL-33948
HCL Notes: buffer overflow via Email Compose
An attacker can trigger a buffer overflow via Email Compose of HCL Notes, in order to trigger a denial of service, and possibly to run code...
CVE-2020-4097, VIGILANCE-VUL-33772
HCL Notes: Cross Site Scripting via HTML Emails
An attacker can trigger a Cross Site Scripting via HTML Emails of HCL Notes, in order to run JavaScript code in the context of the web site...
CVE-2020-14240, VIGILANCE-VUL-33771
Apache HttpClient: information disclosure via java.net.URI Authority Component
An attacker can bypass access restrictions to data via java.net.URI Authority Component of Apache HttpClient, in order to obtain sensitive information...
6445703, CVE-2020-13956, DLA-2405-1, DSA-4772-1, KB0086419, RHSA-2021:0246-01, RHSA-2021:0247-01, RHSA-2021:0248-01, RHSA-2021:0250-01, VIGILANCE-VUL-33523
HCL Notes: information disclosure via Mailto
An attacker can bypass access restrictions to data via Mailto of HCL Notes, in order to obtain sensitive information...
CVE-2020-4089, KB0080343, SPR#ARUIBM4MYE, VIGILANCE-VUL-32636
SnakeYAML: external YAML entity injection
An attacker can transmit malicious YAML data to snakeyaml, in order to read a file, scan sites, or trigger a denial of service...
6198380, 6449664, CVE-2017-18640, FEDORA-2020-23012fafbc, KB0085481, openSUSE-SU-2021:0855-1, RHSA-2020:4807-01, SUSE-SU-2021:1876-1, VIGILANCE-VUL-32101
FasterXML jackson-databind: external XML entity injection via jackson-mapper-asl
An attacker can transmit malicious XML data via jackson-mapper-asl to FasterXML jackson-databind, in order to read a file, scan sites, or trigger a denial of service...
6198380, CVE-2019-10172, DLA-2091-1, DLA-2342-1, KB0085481, RHSA-2020:2058-01, RHSA-2020:2059-01, RHSA-2020:2060-01, RHSA-2020:2061-01, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, RHSA-2020:2511-01, RHSA-2020:2512-01, RHSA-2020:2513-01, RHSA-2020:2515-01, USN-4741-1, VIGILANCE-VUL-31485
Apache Log4j 1.2: code execution via Socket Server Deserialization
An attacker can use a vulnerability via Socket Server Deserialization of Apache Log4j 1.2, in order to run code...
6198380, 6371652, cpuapr2020, cpujul2020, CVE-2019-17571, DLA-2065-1, DSA-4686-1, KB0085481, NTAP-20200110-0001, openSUSE-SU-2020:0051-1, SUSE-SU-2020:0053-1, SUSE-SU-2020:0054-1, SUSE-SU-2020:14267-1, USN-4495-1, VIGILANCE-VUL-31193
Our database contains other pages. You can request a free trial to read them.