Every CVE whose affected-product data names Hcltech Domino, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2020-14244 — CVSS 9.8 (critical): A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated…
CVE-2022-44750 — CVSS 9.8 (critical): HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote…
CVE-2022-44752 — CVSS 9.8 (critical): HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote…
CVE-2020-14260 — CVSS 9.8 (critical): HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could…
CVE-2022-44754 — CVSS 9.8 (critical): HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote…
CVE-2020-4107 — CVSS 8.8 (high): HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could…
CVE-2023-37539 — CVSS 8.4 (high): The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. An attacker with the ability to edit…
CVE-2022-38660 — CVSS 8.3 (high): HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit…
CVE-2022-27546 — CVSS 8.3 (high): HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input…
CVE-2020-14273 — CVSS 7.5 (high): HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. An…
CVE-2020-14234 — CVSS 7.5 (high): HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an…
CVE-2020-14230 — CVSS 7.5 (high): HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote…
CVE-2022-27547 — CVSS 6.1 (medium): HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into…
CVE-2020-4080 — CVSS 6.1 (medium): HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An…
CVE-2017-1712 — CVSS 5.9 (medium): "A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access…
CVE-2022-27558 — CVSS 5.9 (medium): HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes…
CVE-2023-37495 — CVSS 5.9 (medium): Internet passwords stored in Person documents in the Domino® Directory created using the "Add Person" action on the People & Groups tab in…
CVE-2022-38654 — CVSS 5.5 (medium): HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the…
CVE-2020-4128 — CVSS 5.3 (medium): HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this…
CVE-2024-23562 — CVSS 5.3 (medium): A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. A remote unauthenticated attacker…
CVE-2020-14270 — CVSS 5.3 (medium): HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input…
CVE-2023-28010 — CVSS 4.0 (medium): In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks.