Ibm Datacap Navigator
14 CVEs affecting Ibm Datacap Navigator. Latest disclosed: 2024-07-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-39736 | Medium | 6.5 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers… |
CVE-2024-39728 | Medium | 6.4 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary Ja… |
CVE-2020-4902 | Medium | 6.3 | 2021-07-01 | IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, whi… |
CVE-2024-39731 | Medium | 5.9 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly s… |
CVE-2024-39733 | Medium | 5.5 | 2024-07-14 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 29… |
CVE-2024-39735 | Medium | 5.4 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arb… |
CVE-2024-39737 | Medium | 5.4 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error messa… |
CVE-2024-39739 | Medium | 5.4 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to se… |
CVE-2020-4935 | Medium | 5.4 | 2021-07-01 | IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript… |
CVE-2024-39740 | Medium | 4.3 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information fo… |
CVE-2024-39741 | Medium | 4.3 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a speci… |
CVE-2024-39729 | Medium | 4.3 | 2024-07-15 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be us… |
CVE-2024-39734 | Medium | 4.3 | 2024-07-14 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able… |
CVE-2024-39732 | Medium | 4.1 | 2024-07-14 | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IB… |