1168 matches found
CVE-2026-9610
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls...
CVE-2026-8636
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database...
CVE-2026-8059
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
EUVD-2026-38287
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls...
CVE-2026-9610 Multiple Vulnerabilities in IBM Datacap
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls...
CVE-2026-9610
IBM Datacap (including Datacap Navigator) 9.1.7–9.1.9 exposes resources or functionality not linked in the UI but accessible via direct URL requests, bypassing access controls (CWE-425: Direct Request). Affected: IBM Datacap 9.1.7, 9.1.8, 9.1.9 and Datacap Navigator 9.1.7, 9.1.8, 9.1.9. IBM’s bul...
CVE-2026-8636
CVE-2026-8636 affects IBM Datacap (versions 9.1.7–9.1.9) and Datacap Navigator (9.1.7–9.1.9). The vulnerability allows an attacker to retrieve user passwords and cryptographic keys from memory, enabling use of those keys to decrypt passwords, gain access to the application, and access sensitive d...
CVE-2026-8636 Multiple Vulnerabilities in IBM Datacap
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database...
EUVD-2026-38283
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database...
CVE-2026-8059
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
CVE-2026-8059 Multiple Vulnerabilities in IBM Datacap
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
EUVD-2026-38282
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
CVE-2026-8059
CVE-2026-8059 affects IBM Datacap (versions 9.1.7–9.1.9) and IBM Datacap Navigator (9.1.7–9.1.9). It is a cross-site scripting vulnerability that allows an unauthenticated attacker to embed arbitrary JavaScript in the Web UI, potentially altering functionality and leading to credentials disclosur...
Malicious code in @visma-net-platform/module-navigator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d9c86b2942a6a62e08900c1c60743e4cec865cc0a439db8d8e6a0509d187b6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5665 Malicious code in @visma-net-platform/module-navigator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d9c86b2942a6a62e08900c1c60743e4cec865cc0a439db8d8e6a0509d187b6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @visma-net-platform/module-navigator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization a...
Security Bulletin: : Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in dependencies
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in dependencies CVE-2026-33532, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-44431, CVE-2026-44432, CVE-2026-6321, CVE-2025-13465, CVE-2026-2950. The...
CVE-2025-1978
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...
CVE-2026-7770
IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Axios
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Axios. CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042,...