Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-15 | CVE-2024-39728 | Unspecified vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-07-15 | CVE-2024-39731 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2024-07-15 | CVE-2024-39736 | Improper Encoding or Escaping of Output vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 9.8 |
| 2024-07-15 | CVE-2024-39737 | Unspecified vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2024-07-15 | CVE-2024-39739 | Unspecified vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). | 4.3 |
| 2024-07-14 | CVE-2024-39732 | Cleartext Storage of Sensitive Information vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. | 7.5 |
| 2024-07-14 | CVE-2024-39734 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2024-07-12 | CVE-2024-40690 | Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
| 2024-07-10 | CVE-2023-33859 | Unspecified vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. | 5.3 |
| 2024-07-10 | CVE-2023-33860 | Unspecified vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. | 5.3 |