cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-39740,https://securityvulnerability.io/vulnerability/CVE-2024-39740,IBM Datacap Navigator version information leakage,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system.  IBM X-Force ID:  296009.",IBM,"Datacap,Datacap Navigator",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-15T03:15:00.000Z,0
CVE-2024-39741,https://securityvulnerability.io/vulnerability/CVE-2024-39741,Datacap Navigator Vulnerability Allows Remote File Access,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing ""dot dot"" sequences (/../) to view arbitrary files on the system.  IBM X-Force ID:  296010.",IBM,"Datacap,Datacap Navigator",5.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-07-15T03:15:00.000Z,0
CVE-2024-39735,https://securityvulnerability.io/vulnerability/CVE-2024-39735,Datacap Navigator Vulnerable to Cross-Site Scripting,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  296002.",IBM,"Datacap,Datacap Navigator",5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-07-15T03:15:00.000Z,0
CVE-2024-39729,https://securityvulnerability.io/vulnerability/CVE-2024-39729,IBM Datacap Navigator Vulnerabilities Could Lead to Source Code Theft,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system.  IBM X-Force ID:  295968.",IBM,"Datacap,Datacap Navigator",4.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-07-15T03:15:00.000Z,0
CVE-2024-39736,https://securityvulnerability.io/vulnerability/CVE-2024-39736,Datacap Navigator Vulnerable to HTTP Header Injection,"IBM Datacap Navigator versions 9.1.5 through 9.1.9 are exposed to an HTTP header injection vulnerability stemming from inadequate validation of input in the HOST headers. This security flaw could permit an attacker to execute various attacks, such as cross-site scripting, session hijacking, or cache poisoning, potentially compromising the integrity and confidentiality of sensitive information processed by the application. This vulnerability highlights the importance of proper input validation and secure coding practices to mitigate risks associated with web application vulnerabilities.",IBM,"Datacap,Datacap Navigator",9.8,CRITICAL,0.0007600000244565308,false,,false,false,false,,,false,false,,2024-07-15T02:15:00.000Z,0
CVE-2024-39739,https://securityvulnerability.io/vulnerability/CVE-2024-39739,IBM Datacap Navigator Vulnerable to Server-Side Request Forgery (SSRF),"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.  IBM X-Force ID:  296008.",IBM,"Datacap,Datacap Navigator",4.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-07-15T02:15:00.000Z,0
CVE-2024-39728,https://securityvulnerability.io/vulnerability/CVE-2024-39728,Stored Cross-Site Scripting Vulnerability in IBM Datacap Navigator,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  295967.",IBM,"Datacap,Datacap Navigator",5.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-07-15T02:15:00.000Z,0
CVE-2024-39731,https://securityvulnerability.io/vulnerability/CVE-2024-39731,IBM Datacap Navigator Weaker Cryptographic Algorithms Vulnerability,"IBM Datacap Navigator versions 9.1.5 through 9.1.9 are affected by vulnerabilities due to the utilization of weaker than expected cryptographic algorithms. This security issue poses significant risks, as it may allow unauthorized attackers to decrypt sensitive data. Organizations using these versions must be aware of the potential exposure of highly confidential information and take the necessary steps to mitigate these risks. The security flaw has been identified and cataloged under IBM X-Force ID: 295970. Recommendations for improved cryptographic practices and an upgrade path to secure versions are advisable.",IBM,Datacap,7.5,HIGH,0.0007600000244565308,false,,false,false,false,,,false,false,,2024-07-15T02:15:00.000Z,0
CVE-2024-39737,https://securityvulnerability.io/vulnerability/CVE-2024-39737,Datacap Navigator Vulnerability Could Lead to Sensitive Information Theft,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.  This information could be used in further attacks against the system.  IBM X-Force ID:  296004.",IBM,"Datacap,Datacap Navigator",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-15T02:15:00.000Z,0
CVE-2024-39733,https://securityvulnerability.io/vulnerability/CVE-2024-39733,IBM Datacap Navigator Stores User Credentials in Plain Clear Text,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user.  IBM X-Force ID:  295972.",IBM,Datacap Navigator,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-14T12:41:47.696Z,0
CVE-2024-39732,https://securityvulnerability.io/vulnerability/CVE-2024-39732,Datacap Navigator Data at Risk Due to Temporary Storage of Sensitive Data,"IBM Datacap Navigator versions 9.1.5 through 9.1.9 are susceptible to a vulnerability that arises from the temporary storage of sensitive data across different environments. This data may potentially be exploited by malicious users seeking unauthorized access, posing significant risks to data integrity and confidentiality. Organizations utilizing the affected versions should prioritize a review of their security posture and apply necessary mitigations to safeguard their information assets. IBM X-Force ID: 295791 provides additional context on this vulnerability.",IBM,Datacap Navigator,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-07-14T12:39:59.599Z,0
CVE-2024-39734,https://securityvulnerability.io/vulnerability/CVE-2024-39734,IBM Datacap Navigator vulnerability - Secure token handling,"IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.  IBM X-Force ID:  296001.",IBM,Datacap Navigator,4.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-14T12:38:03.320Z,0
CVE-2020-4935,https://securityvulnerability.io/vulnerability/CVE-2020-4935,,IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191753.,IBM,Datacap Navigator,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-07-01T16:15:00.000Z,0
CVE-2020-4902,https://securityvulnerability.io/vulnerability/CVE-2020-4902,,"IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045.",IBM,Datacap Navigator,6.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2021-07-01T16:15:00.000Z,0
CVE-2018-1773,https://securityvulnerability.io/vulnerability/CVE-2018-1773,,"IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed.  IBM X-Force ID: 148691.",IBM,Datacap,4.3,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2018-09-12T14:29:00.000Z,0
CVE-2014-0879,https://securityvulnerability.io/vulnerability/CVE-2014-0879,,"Stack-based buffer overflow in the Taskmaster Capture ActiveX control in IBM Datacap Taskmaster Capture 8.0.1, and 8.1 before FP2, allows remote attackers to execute arbitrary code via unspecified vectors.",IBM,Datacap Taskmaster Capture,,,0.031950000673532486,false,,false,false,false,,,false,false,,2014-03-21T10:00:00.000Z,0
CVE-2011-2142,https://securityvulnerability.io/vulnerability/CVE-2011-2142,,"The Web Client Service in IBM Datacap Taskmaster Capture 8.0.1 before FP1 requires a cleartext password, which has unspecified impact and attack vectors.",IBM,Datacap Taskmaster Capture,,,0.001290000043809414,false,,false,false,false,,,false,false,,2011-05-16T18:00:00.000Z,0
CVE-2011-2144,https://securityvulnerability.io/vulnerability/CVE-2011-2144,,The eDocument Conversion Actions implementation in IBM Datacap Taskmaster Capture 8.0.1 FP1 and earlier allows remote attackers to cause a denial of service (batch abort) via a long subject line in an e-mail message that is represented in a .eml file.,IBM,Datacap Taskmaster Capture,,,0.008139999583363533,false,,false,false,false,,,false,false,,2011-05-16T18:00:00.000Z,0
CVE-2011-2143,https://securityvulnerability.io/vulnerability/CVE-2011-2143,,"IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain.",IBM,Datacap Taskmaster Capture,,,0.003909999970346689,false,,false,false,false,,,false,false,,2011-05-16T18:00:00.000Z,0
CVE-2011-2141,https://securityvulnerability.io/vulnerability/CVE-2011-2141,,SQL injection vulnerability in TMWeb in IBM Datacap Taskmaster Capture 8.0.1 before FP1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.,IBM,Datacap Taskmaster Capture,,,0.0026400000788271427,false,,false,false,false,,,false,false,,2011-05-16T18:00:00.000Z,0