133 matches found
CVE-2024-39732
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791...
CVE-2024-39741
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 296010...
Security Bulletin: Multiple Vulnerabilities in IBM Datacap
Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 005 Vulnerability Details CVEID:CVE-2024-39734 DESCRIPTION: IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers...
Security Bulletin: Multiple IBM® Db2® security vulnerability fixes
Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletins referred here to remedy the vulnerabilities. IBM® Db2® is vulnerable to denial of service under specific conditions CVE-2024-45663, CVE-2024-41761, CVE-2024-41762, CVE-2024-37071...
Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted query (CVE-2024-37529)
Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred in the Title to remedy the vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Db2 (October 2023 CPU)
Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred here to remedy the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could...
The vulnerability in the web-based client of IBM Datacap Navigator software for document collection and processing involves defects in the error reporting mechanism, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the IBM Datacap Navigator web client software for document collection and processing involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability in the web client of IBM Datacap software for document collection and processing allows attackers to execute cross-site scripting attacks by exploiting a lack of protection for the web page structure.
The vulnerability of the IBM Datacap Navigator web client software for document collection and processing exists due to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...
IBM Datacap Navigator Encryption Issue Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from a cryptographic issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decrypt highly...
IBM Datacap Navigator Information Disclosure Vulnerability (CNVD-2024-33363)
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. An information disclosure vulnerability exists in IBM Datacap Navigator that originates from displaying version information in an HTTP request, which can be exploited by an attacker to gather information...
IBM Datacap Navigator Server-Side Request Forgery Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator has a server-side request forgery vulnerability that can be exploited by an attacker to send unauthorized requests from the system, which could lead to network enumeration or facilita...
IBM Datacap Navigator Information Disclosure Vulnerability (CNVD-2024-33366)
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. An information disclosure vulnerability exists in IBM Datacap Navigator, which can be exploited by an attacker to obtain sensitive information when a detailed technical error message is returned in a brows...
IBM Datacap Navigator HTTP Header Injection Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from an HTTP header injection vulnerability that originates from an input validation error in the HOST header, which can be exploited by an attacker to conduct cross-site...
IBM Datacap Navigator Cross-Site Scripting Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from a cross-site scripting vulnerability that originates from allowing arbitrary JavaScript code to be embedded in the Web UI, which could alter the intended functionality an...
IBM Datacap Navigator Path Traversal Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from a path traversal vulnerability that can be exploited by an attacker to view arbitrary files on the system via a specially crafted URL request...
IBM Datacap Navigator Cross-Site Scripting Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Datacap Navigator, which can be exploited by an attacker to embed arbitrary JavaScript code in the Web UI...
IBM Datacap Navigator Information Disclosure Vulnerability (CNVD-2024-33368)
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. A security vulnerability exists in IBM Datacap Navigator, which can be exploited by attackers to obtain sensitive information from the source code...
IBM Datacap Navigator Information Disclosure Vulnerability (CNVD-2024-33371)
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from an information disclosure vulnerability that originates from storing user credentials in plaintext, which can be exploited by a local attacker to read the user credential...
IBM Datacap Navigator Information Disclosure Vulnerability
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. IBM Datacap Navigator suffers from an information disclosure vulnerability that originates from temporarily storing data from different environments, which can be exploited by an attacker to obtain sensiti...
IBM Datacap Navigator Information Disclosure Vulnerability (CNVD-2024-33370)
IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. An information disclosure vulnerability exists in IBM Datacap Navigator that stems from not setting a security attribute on an authorization token or session cookie, which can be exploited by an attacker t...