CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

234 matches found

IBM Security Bulletins•added 2024/01/03 7:58 p.m.•78 views

Security Bulletin: Security vulnerability in IBM Datacap Navigator plugin

Summary Due to an issue in the client-side Dynamsoft Service, IBM Datacap Navigator plugin is at risk for malicious code to be executed remotely. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details IBM X-Force ID: 275484 DESCRIPTION: Due to inadequate...

6.7AI score

Exploits0Affected Software1

vulnersOsv•added 2022/10/26 7:0 p.m.•3 views

io.edurt.datacap:datacap-jdbc-iotdb (>=1.7.0 <=1.8.0), org.apache.iotdb:client-example (>=0.12.2 <=0.13.2) +37 more potentially affected by CVE-2022-43766 via org.apache.iotdb:tsfile (>=0.12.2 <=0.13.2)

org.apache.iotdb:tsfile MAVEN version =0.12.2, =1.7.0, =0.12.2, =0.13.0, =0.13.1, =0.12.2, =0.12.2, =0.12.2, =0.12.2, =0.12.2, =0.13.0, =0.12.2, =0.12.2, =0.12.2, =0.12.2, =0.13.0, =0.13.2 and more Source cves: CVE-2022-43766 Source advisory: OSV:GHSA-G6HG-4V3C-6JQ7...

7.5CVSS7.1AI score0.01341EPSS

Exploits0

IBM Security Bulletins•added 2022/02/28 5:3 a.m.•78 views

Security Bulletin: Due to use of Apache Log4j, IBM Datacap is vulnerable to arbitrary code execution (CVE-2021-4104)

Summary Apache Log4j was used by 2 of the third party components used in Datacap as part of its logging infrastructure. The fix includes Apache Log4j v.2.17.1 for one of these third party component used in Datacap. The fix removes Apache Log4j for second third party component used in Datacap...

7.5CVSS1.2AI score0.81147EPSS

Exploits9Affected Software1

IBM Security Bulletins•added 2021/07/02 4:27 p.m.•25 views

Security Bulletin: Using XSS attack, an attacker may inject Javascript code by modifying input fields in Datacap Navigator

Summary Using XSS attack, an attacker may inject Javascript code by modifying input fields in Datacap Navigator. Vulnerability Details CVEID: CVE-2020-4935 DESCRIPTION: IBM Datacap Fastdoc Capture is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...

5.4CVSS0.9AI score0.00495EPSS

Exploits0Affected Software1

OSV•added 2021/07/01 4:15 p.m.•3 views

CVE-2020-4935

IBM Datacap Fastdoc Capture IBM Datacap Navigator 9.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS5.4AI score0.00495EPSS

Exploits0References2

OSV•added 2021/07/01 4:15 p.m.•4 views

CVE-2020-4902

IBM Datacap Taskmaster Capture IBM Datacap Navigator 9.1.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045...

8.8CVSS6.8AI score0.00968EPSS

Exploits0References2

NVD•added 2021/07/01 4:15 p.m.•21 views

CVE-2020-4935

5.4CVSS0.00495EPSS

Exploits0References2

NVD•added 2021/07/01 4:15 p.m.•19 views

CVE-2020-4902

8.8CVSS0.00968EPSS

Exploits0References2

Prion•added 2021/07/01 4:15 p.m.•13 views

Cross site scripting

3.5CVSS5.1AI score0.00495EPSS

Exploits0References2Affected Software1

Prion•added 2021/07/01 4:15 p.m.•16 views

Sql injection

6.5CVSS8.5AI score0.00968EPSS

Exploits0References2Affected Software1

CVE•added 2021/07/01 3:40 p.m.•66 views

CVE-2020-4935

CVE-2020-4935 affects IBM Datacap Fastdoc Capture (Datacap Navigator 9.1.7). A cross-site scripting (XSS) vulnerability allows embedding arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. The IBM Security Bulletin confirms the issue and pro...

5.4CVSS5.2AI score0.00495EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/07/01 3:40 p.m.•23 views

CVE-2020-4935

5.4CVSS5.2AI score0.00495EPSS

Exploits0References2

Cvelist•added 2021/07/01 3:40 p.m.•19 views

CVE-2020-4902

6.3CVSS8.6AI score0.00968EPSS

Exploits0References2

CVE•added 2021/07/01 3:40 p.m.•64 views

CVE-2020-4902

CVE-2020-4902 affects IBM Datacap Taskmaster Capture, specifically its Datacap Navigator component (version 9.1.7). The vulnerability is a SQL injection originating from various input fields, potentially allowing a remote attacker to view, add, modify, or delete data in the back-end database. IBM...

8.8CVSS8.6AI score0.00968EPSS

Exploits0References2Affected Software1

CNVD•added 2021/07/01 12:0 a.m.•7 views

IBM Datacap Taskmaster Capture SQL Injection Vulnerability

IBM Datacap Taskmaster Capture is a complete solution for document and data capture from IBM USA. Data and document images can be scanned, categorized, identified, validated, verified and exported quickly, accurately and cost-effectively. IBM Datacap Taskmaster Capture suffers from a SQL injectio...

8.8CVSS7.4AI score0.00968EPSS

Exploits0References1

CNVD•added 2021/07/01 12:0 a.m.•10 views

IBM Datacap Fastdoc Capture Cross-Site Scripting Vulnerability

IBM Datacap Fastdoc Capture is a client-only capture software solution from IBM USA that automatically indexes scanned documents for accurate storage and retrieval. A cross-site scripting vulnerability exists in IBM Datacap Fastdoc Capture that stems from a lack of proper validation of client-sid...

5.4CVSS6.2AI score0.00495EPSS

Exploits0References1

IBM Security Bulletins•added 2021/06/30 10:41 a.m.•22 views

Security Bulletin: SQL injection from various input fields may affect Datacap Navigator

Summary In Security testing found that SQL injection from various input fields may affect Datacap Navigator. Vulnerability Details CVEID: CVE-2020-4902 DESCRIPTION: IBM Datacap Taskmaster Capture is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...

8.8CVSS1AI score0.00968EPSS

Exploits0Affected Software1