CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-39740 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39740
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/296009 https://www.ibm.com/support/pages/node/7160185 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-39729 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39729
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295968 https://www.ibm.com/support/pages/node/7160185 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-39731 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39731
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295970 https://www.ibm.com/support/pages/node/7160185 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-39737 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39737
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/296004 https://www.ibm.com/support/pages/node/7160185 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6570 – Glossary <= 2.2.26 - Unauthenticated Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-6570
The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3116269%40glossary-by-codeat&new=3116269%40glossary-by-codeat&sfp_email=&sfph_mail= https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3116892%40glossary-by-codeat&new=3116892%40glossary-by-codeat&sfp_email=&sfph_mail= https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3118151%40glossary-by-codeat&new=3118151%40glossary-by-codeat&sfp_email=&sfph_mail= https:&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •