Lucene search
K
IbmDatacap Navigator

16 matches found

CVE
CVE
added 2024/07/15 2:9 a.m.80 views

CVE-2024-39741

CVE-2024-39741 describes a path traversal vulnerability in IBM Datacap Navigator (versions 9.1.5–9.1.9). A remote attacker could craft a URL with "/.." sequences to view arbitrary files on the system, due to improper handling of path input. Affected products include Datacap Navigator and IBM Data...

5.3CVSS4.7AI score0.00678EPSS
CVE
CVE
added 2021/07/01 3:40 p.m.71 views

CVE-2020-4935

CVE-2020-4935 affects IBM Datacap Fastdoc Capture (Datacap Navigator 9.1.7). A cross-site scripting (XSS) vulnerability allows embedding arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. The IBM Security Bulletin confirms the issue and pro...

5.4CVSS5.2AI score0.00495EPSS
CVE
CVE
added 2024/07/15 1:34 a.m.70 views

CVE-2024-39728

IBM Datacap Navigator 9.1.5–9.1.9 is vulnerable to stored cross-site scripting (XSS) in the Web UI, allowing embedded JavaScript that could alter functionality and potentially disclose credentials in a trusted session. Root cause/details are described as insufficient protection of the web UI agai...

6.4CVSS5.5AI score0.00341EPSS
CVE
CVE
added 2024/07/15 2:5 a.m.69 views

CVE-2024-39735

CVE-2024-39735 affects IBM Datacap Navigator (9.1.5–9.1.9). The issue is cross-site scripting in the Web UI that allows an authenticated user to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected product family: Datacap Navigator; root cau...

5.4CVSS5.2AI score0.00304EPSS
CVE
CVE
added 2021/07/01 3:40 p.m.66 views

CVE-2020-4902

CVE-2020-4902 affects IBM Datacap Taskmaster Capture, specifically its Datacap Navigator component (version 9.1.7). The vulnerability is a SQL injection originating from various input fields, potentially allowing a remote attacker to view, add, modify, or delete data in the back-end database. IBM...

8.8CVSS8.6AI score0.00968EPSS
CVE
CVE
added 2024/07/15 2:7 a.m.65 views

CVE-2024-39729

Summary (CVE-2024-39729): IBM Datacap Navigator 9.1.5–9.1.9 is affected by an information-disclosure vulnerability enabling an authenticated user to read sensitive data from the source code. Affected products/versions: Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, 9.1.9. Red Hat and other sources...

4.3CVSS4.2AI score0.00408EPSS
CVE
CVE
added 2024/07/15 1:27 a.m.65 views

CVE-2024-39737

IBM Datacap Navigator 9.1.5–9.1.9 exposes detailed browser error messages that disclose sensitive information, enabling remote information disclosure. Root cause: improper error reporting containing detailed error data. Impact: information disclosure; no explicit exploit details provided in the c...

5.4CVSS5AI score0.00358EPSS
CVE
CVE
added 2024/07/15 1:25 a.m.65 views

CVE-2024-39739

CVE-2024-39739 affects IBM Datacap Navigator (versions 9.1.5–9.1.9). The issue is server-side request forgery (SSRF) that could allow an authenticated attacker to send unauthorized requests from the vulnerable system, enabling network enumeration or related attacks. Affected product line includes...

5.4CVSS4.8AI score0.00241EPSS
CVE
CVE
added 2024/07/15 1:28 a.m.63 views

CVE-2024-39736

IBM Datacap Navigator 9.1.5–9.1.9 is affected by HTTP header injection due to improper validation of HOST headers. The vulnerability allows an attacker to perform cross-site scripting, cache poisoning, or session hijacking against vulnerable systems. Affected product/version: Datacap Navigator 9....

9.8CVSS6.5AI score0.00366EPSS
CVE
CVE
added 2024/07/15 2:11 a.m.56 views

CVE-2024-39740

Summary of findings : CVE-2024-39740 affects IBM Datacap Navigator (versions 9.1.5–9.1.9). The issue is an information disclosure vulnerability where version information is exposed in HTTP requests, enabling an attacker to gather details for potential future attacks. The IBM bulletin lists multip...

5.3CVSS4.4AI score0.00371EPSS
CVE
CVE
added 2025/06/28 12:49 a.m.30 views

CVE-2025-36026

IBM Datacap is affected for versions 9.1.7, 9.1.8, and 9.1.9. The root cause is that authorization tokens and session cookies are not marked Secure, enabling cookie exposure when a user clicks an http link or visits a site hosting the link, potentially allowing traffic snooping to obtain cookie v...

4.3CVSS6AI score0.00138EPSS
CVE
CVE
added 2025/06/28 12:51 a.m.28 views

CVE-2025-36027

CVE-2025-36027 affects IBM Datacap 9.1.7–9.1.9. Description and Red Hat/IBM bulletin confirm a clickjacking issue where a remote attacker could exploit a malicious site to hijack the victim’s click actions (CWE-1021). Impact is UI interaction manipulation with potential for follow-on attacks; CVS...

5.4CVSS6.4AI score0.00195EPSS
CVE
CVE
added 2025/06/28 12:36 a.m.27 views

CVE-2024-39730

The CVE-2024-39730 issue affects IBM Datacap Navigator 9.1.7–9.1.9 and allows a remote attacker to hijack a victim’s click actions by luring them to a malicious site. The Red Hat bulletin and IBM/IBM X-Force references cite a CWE-451 UI misrepresentation root cause, with a CVSSv3.1 base score of ...

5.4CVSS6.4AI score0.00199EPSS
CVE
CVE
added 2026/06/22 2:13 p.m.14 views

CVE-2026-8059

CVE-2026-8059 affects IBM Datacap (versions 9.1.7–9.1.9) and IBM Datacap Navigator (9.1.7–9.1.9). It is a cross-site scripting vulnerability that allows an unauthenticated attacker to embed arbitrary JavaScript in the Web UI, potentially altering functionality and leading to credentials disclosur...

6.1CVSS5.5AI score0.00169EPSS
CVE
CVE
added 2026/06/22 2:16 p.m.12 views

CVE-2026-8636

CVE-2026-8636 affects IBM Datacap (versions 9.1.7–9.1.9) and Datacap Navigator (9.1.7–9.1.9). The vulnerability allows an attacker to retrieve user passwords and cryptographic keys from memory, enabling use of those keys to decrypt passwords, gain access to the application, and access sensitive d...

7.5CVSS5.9AI score0.00146EPSS
CVE
CVE
added 2026/06/22 2:22 p.m.12 views

CVE-2026-9610

IBM Datacap (including Datacap Navigator) 9.1.7–9.1.9 exposes resources or functionality not linked in the UI but accessible via direct URL requests, bypassing access controls (CWE-425: Direct Request). Affected: IBM Datacap 9.1.7, 9.1.8, 9.1.9 and Datacap Navigator 9.1.7, 9.1.8, 9.1.9. IBM’s bul...

5.3CVSS5.8AI score0.00189EPSS