CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

208 matches found

IBM Security Bulletins•added 2026/01/12 5:46 p.m.•9 views

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.10 released on December 19, 2025. Vulnerability Details CVEID:CVE-2022-23302 DESCRIPTION: JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the...

9.8CVSS8.5AI score0.09452EPSS

Exploits1Affected Software1

RedhatCVE•added 2026/01/09 9:4 a.m.•5 views

CVE-2024-39735

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4CVSS6AI score0.00423EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:4 a.m.•4 views

CVE-2024-39728

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

6.4CVSS5.9AI score0.00308EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:4 a.m.•6 views

CVE-2024-39737

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 296004...

5.4CVSS6AI score0.00078EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•5 views

CVE-2024-39733

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972...

5.5CVSS6.1AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•3 views

CVE-2024-39729

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. IBM X-Force ID: 295968...

4.3CVSS5.9AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•6 views

CVE-2024-39730

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

5.4CVSS7AI score0.00093EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•5 views

CVE-2024-39734

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent...

4.3CVSS6AI score0.00066EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•6 views

CVE-2024-39736

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or...

9.8CVSS6.4AI score0.00168EPSS

Exploits0References1