Lucene search
+L

133 matches found

redhatcve
redhatcve
added 2025/06/30 1:34 a.m.20 views

CVE-2025-36027

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against...

5.4CVSS7AI score0.00195EPSS
Exploits0References1
ibm
ibm
added 2025/06/28 11:12 p.m.10 views

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 007 Vulnerability Details CVEID:CVE-2025-36027 DESCRIPTION: IBM Datacap could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remot...

5.5CVSS6.2AI score0.47738EPSS
Exploits2Affected Software1
nvd
nvd
added 2025/06/28 1:15 a.m.28 views

CVE-2025-36027

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against...

5.4CVSS0.00195EPSS
Exploits0References1
nvd
nvd
added 2025/06/28 1:15 a.m.7 views

CVE-2025-36026

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link an...

4.3CVSS0.00138EPSS
Exploits0References1
nvd
nvd
added 2025/06/28 1:15 a.m.7 views

CVE-2024-39730

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

5.4CVSS0.00199EPSS
Exploits0References1
cve
cve
added 2025/06/28 12:51 a.m.28 views

CVE-2025-36027

CVE-2025-36027 affects IBM Datacap 9.1.7–9.1.9. Description and Red Hat/IBM bulletin confirm a clickjacking issue where a remote attacker could exploit a malicious site to hijack the victim’s click actions (CWE-1021). Impact is UI interaction manipulation with potential for follow-on attacks; CVS...

5.4CVSS6.4AI score0.00195EPSS
Exploits0References1Affected Software2
vulnrichment
vulnrichment
added 2025/06/28 12:51 a.m.4 views

CVE-2025-36027 IBM Datacap clickjacking

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against...

5.4CVSS7AI score0.00195EPSS
Exploits0References1
cvelist
cvelist
added 2025/06/28 12:51 a.m.25 views

CVE-2025-36027 IBM Datacap clickjacking

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against...

5.4CVSS0.00195EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/06/28 12:49 a.m.5 views

CVE-2025-36026 IBM Datacap information disclosure

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link an...

4.3CVSS6.6AI score0.00138EPSS
Exploits0References1
cve
cve
added 2025/06/28 12:49 a.m.30 views

CVE-2025-36026

IBM Datacap is affected for versions 9.1.7, 9.1.8, and 9.1.9. The root cause is that authorization tokens and session cookies are not marked Secure, enabling cookie exposure when a user clicks an http link or visits a site hosting the link, potentially allowing traffic snooping to obtain cookie v...

4.3CVSS6AI score0.00138EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2025/06/28 12:49 a.m.13 views

CVE-2025-36026 IBM Datacap information disclosure

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link an...

4.3CVSS0.00138EPSS
Exploits0References1
cve
cve
added 2025/06/28 12:36 a.m.27 views

CVE-2024-39730

The CVE-2024-39730 issue affects IBM Datacap Navigator 9.1.7–9.1.9 and allows a remote attacker to hijack a victim’s click actions by luring them to a malicious site. The Red Hat bulletin and IBM/IBM X-Force references cite a CWE-451 UI misrepresentation root cause, with a CVSSv3.1 base score of ...

5.4CVSS6.4AI score0.00199EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2025/06/28 12:36 a.m.10 views

CVE-2024-39730 IBM Datacap clickjacking

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

5.4CVSS0.00199EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/06/28 12:36 a.m.4 views

CVE-2024-39730 IBM Datacap clickjacking

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

5.4CVSS7AI score0.00199EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/06/28 12:0 a.m.7 views

PT-2025-27282 · Ibm · Ibm Datacap

Name of the Vulnerable Software and Affected Versions: IBM Datacap versions 9.1.7 through 9.1.9 Description: The issue is related to the improper handling of authorization tokens and session cookies, as the software does not set the secure attribute on these cookies or tokens. Attackers may be ab...

5CVSS6.8AI score0.00138EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2025/06/28 12:0 a.m.5 views

PT-2025-27283 · Ibm · Ibm Datacap

Name of the Vulnerable Software and Affected Versions: IBM Datacap versions 9.1.7 through 9.1.9 Description: The issue could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this issue to...

5.5CVSS7.2AI score0.00195EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2025/06/28 12:0 a.m.4 views

PT-2025-27280 · Ibm · Ibm Datacap Navigator

Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.7 through 9.1.9 Description: The issue allows a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this...

5.5CVSS7.1AI score0.00199EPSS
Exploits0References7
cnnvd
cnnvd
added 2025/06/28 12:0 a.m.7 views

IBM Datacap 安全漏洞

IBM Datacap is a document capture and processing software from International Business Machines IBM that captures data from various sources e.g., scanner, email, fax, etc. in paper or electronic documents and converts them into editable and searchable digital formats, which are widely used in...

5.4CVSS6.3AI score0.00195EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 8:49 a.m.8 views

CVE-2024-39731

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 295970...

7.5CVSS6.3AI score0.0028EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:49 a.m.13 views

CVE-2024-39739

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008...

5.4CVSS6.3AI score0.00241EPSS
Exploits0References1
Rows per page
Query Builder