Lucene search
+L

133 matches found

NVD
NVD
added 2024/07/15 3:15 a.m.27 views

CVE-2024-39729

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. IBM X-Force ID: 295968...

4.3CVSS0.00408EPSS
Exploits0References2
NVD
NVD
added 2024/07/15 3:15 a.m.24 views

CVE-2024-39740

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. IBM X-Force ID: 296009...

5.3CVSS0.00371EPSS
Exploits0References2
OSV
OSV
added 2024/07/15 3:15 a.m.3 views

CVE-2024-39740

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. IBM X-Force ID: 296009...

5.3CVSS5.8AI score0.00371EPSS
Exploits0References2
OSV
OSV
added 2024/07/15 3:15 a.m.7 views

CVE-2024-39741

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 296010...

5.3CVSS6AI score0.00678EPSS
Exploits0References2
NVD
NVD
added 2024/07/15 3:15 a.m.39 views

CVE-2024-39735

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4CVSS0.00304EPSS
Exploits0References2
NVD
NVD
added 2024/07/15 2:15 a.m.33 views

CVE-2024-39739

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008...

5.4CVSS0.00241EPSS
Exploits0References2
OSV
OSV
added 2024/07/15 2:15 a.m.3 views

CVE-2024-39739

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008...

4.3CVSS5.8AI score0.00241EPSS
Exploits0References2
NVD
NVD
added 2024/07/15 2:15 a.m.43 views

CVE-2024-39736

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

9.8CVSS0.00366EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/15 2:9 a.m.27 views

CVE-2024-39741 IBM Datacap Navigator directory traversal

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 296010...

4.3CVSS6.6AI score0.00678EPSS
Exploits0References2
CVE
CVE
added 2024/07/15 2:9 a.m.81 views

CVE-2024-39741

CVE-2024-39741 describes a path traversal vulnerability in IBM Datacap Navigator (versions 9.1.5–9.1.9). A remote attacker could craft a URL with "/.." sequences to view arbitrary files on the system, due to improper handling of path input. Affected products include Datacap Navigator and IBM Data...

5.3CVSS4.7AI score0.00678EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2024/07/15 2:9 a.m.35 views

CVE-2024-39741 IBM Datacap Navigator directory traversal

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 296010...

4.3CVSS0.00678EPSS
Exploits0References2
CVE
CVE
added 2024/07/15 2:7 a.m.65 views

CVE-2024-39729

Summary (CVE-2024-39729): IBM Datacap Navigator 9.1.5–9.1.9 is affected by an information-disclosure vulnerability enabling an authenticated user to read sensitive data from the source code. Affected products/versions: Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, 9.1.9. Red Hat and other sources...

4.3CVSS4.2AI score0.00408EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2024/07/15 2:5 a.m.71 views

CVE-2024-39735

CVE-2024-39735 affects IBM Datacap Navigator (9.1.5–9.1.9). The issue is cross-site scripting in the Web UI that allows an authenticated user to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected product family: Datacap Navigator; root cau...

5.4CVSS5.2AI score0.00304EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/07/15 1:34 a.m.13 views

CVE-2024-39728 IBM Datacap Navigator cross-site scripting

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

6.4CVSS5.9AI score0.00341EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/15 1:34 a.m.26 views

CVE-2024-39728 IBM Datacap Navigator cross-site scripting

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

6.4CVSS0.00341EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/15 1:28 a.m.31 views

CVE-2024-39736 IBM Datacap Navigator HTTP HOST header injection

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

6.5CVSS0.00366EPSS
Exploits0References2
CVE
CVE
added 2024/07/15 1:27 a.m.66 views

CVE-2024-39737

IBM Datacap Navigator 9.1.5–9.1.9 exposes detailed browser error messages that disclose sensitive information, enabling remote information disclosure. Root cause: improper error reporting containing detailed error data. Impact: information disclosure; no explicit exploit details provided in the c...

5.4CVSS5AI score0.00358EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2024/07/15 1:25 a.m.68 views

CVE-2024-39739

CVE-2024-39739 affects IBM Datacap Navigator (versions 9.1.5–9.1.9). The issue is server-side request forgery (SSRF) that could allow an authenticated attacker to send unauthorized requests from the vulnerable system, enabling network enumeration or related attacks. Affected product line includes...

5.4CVSS4.8AI score0.00241EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/07/15 1:25 a.m.16 views

CVE-2024-39739 IBM Datacap Navigator server-side request forgery

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008...

5.4CVSS6.5AI score0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/15 1:25 a.m.31 views

CVE-2024-39739 IBM Datacap Navigator server-side request forgery

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008...

5.4CVSS0.00241EPSS
Exploits0References2
Rows per page
Query Builder