Hcltech Domino
23 CVEs affecting Hcltech Domino. Latest disclosed: 2024-09-27. Critical: 5, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-44754 | Critical | 9.8 | 2022-12-19 | HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacke… |
CVE-2022-44752 | Critical | 9.8 | 2022-12-19 | HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attack… |
CVE-2022-44750 | Critical | 9.8 | 2022-12-19 | HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacke… |
CVE-2020-14244 | Critical | 9.8 | 2020-12-14 | A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting i… |
CVE-2020-14260 | Critical | 9.8 | 2020-12-02 | HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to… |
CVE-2020-4107 | High | 8.8 | 2022-05-19 | HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerabil… |
CVE-2023-37539 | High | 8.4 | 2024-06-06 | The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. An attacker with the ability to edit documents in the catalog… |
CVE-2022-38660 | High | 8.3 | 2022-11-04 | HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to… |
CVE-2022-27546 | High | 8.3 | 2022-08-29 | HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POS… |
CVE-2020-14273 | High | 7.5 | 2020-12-28 | HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. An unauthenticated attacker cou… |
CVE-2020-14234 | High | 7.5 | 2020-11-21 | HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to… |
CVE-2020-14230 | High | 7.5 | 2020-11-21 | HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could ex… |
CVE-2022-27547 | Medium | 6.1 | 2022-08-29 | HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive inf… |
CVE-2020-4080 | Medium | 6.1 | 2020-12-18 | HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remot… |
CVE-2023-37495 | Medium | 5.9 | 2024-02-29 | Internet passwords stored in Person documents in the Domino® Directory created using the "Add Person" action on the People & Groups tab in the Domino® Administ… |
CVE-2022-27558 | Medium | 5.9 | 2022-08-29 | HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could all… |
CVE-2017-1712 | Medium | 5.9 | 2020-07-01 | "A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a… |
CVE-2022-38654 | Medium | 5.5 | 2022-11-04 | HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ig… |
CVE-2024-23586 | Medium | 5.3 | 2024-09-27 | HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old sessi… |
CVE-2024-23562 | Medium | 5.3 | 2024-07-08 | A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. A remote unauthenticated attacker could exploit this vul… |