IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with an unlimited recursion depth, which allows remote web servers to cause a denial of service (infinite loop) via a crafted series of documents.
IBM OmniFind suffers from cross site scripting, cross site request forgery, buffer overflow, session fixation and privilege escalation vulnerabilities. Various other issues also exist.