Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-15 | CVE-2024-39740 | Unspecified vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. | 5.3 |
2024-07-15 | CVE-2024-39741 | Path Traversal vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. | 5.3 |
2024-07-15 | CVE-2024-39728 | Cross-site Scripting vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. | 5.4 |
2024-07-15 | CVE-2024-39737 | Information Exposure Through an Error Message vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
2024-07-15 | CVE-2024-39739 | Server-Side Request Forgery (SSRF) vulnerability in IBM Datacap and Datacap Navigator IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). | 4.3 |
2024-07-14 | CVE-2024-39733 | Insufficiently Protected Credentials vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
2024-07-14 | CVE-2024-39734 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Datacap IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2024-07-12 | CVE-2024-40690 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
2024-07-10 | CVE-2023-33859 | Response Discrepancy Information Exposure vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. | 5.3 |
2024-07-10 | CVE-2023-33860 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in IBM Security Qradar EDR 3.12 IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. | 5.3 |