hcltech
410 tracked vulnerabilities.
CVE-2023-37531
LOW
HCL BigFix Platform 9.5-9.5.23 - Stored Cross-Site Scripting in Web Reports Form Field
Feb 29, 2024
CVSS 3.3
EPSS 0.00
CVE-2023-37530
LOW
HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports
Feb 29, 2024
CVSS 3.0
EPSS 0.00
CVE-2023-37529
LOW
HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports
Feb 29, 2024
CVSS 3.0
EPSS 0.00
CVE-2023-37495
MEDIUM
HCL Domino 9.0-14.0 - Weak Password Hashing in Person Documents
Feb 29, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-37540
LOW
HCL Sametime 11.5-12.0.1 - Insecure Storage of Sensitive Information via Eclipse Secure Storage
Feb 23, 2024
CVSS 3.9
EPSS 0.00
CVE-2023-28018
MEDIUM
HCL Connections - Denial of Service via Crafted Request
Feb 12, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-45698
MEDIUM
HCL Sametime Chat and Meetings - Clickjacking via Outlook Add-in
Feb 10, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-45696
MEDIUM
HCL Sametime 11.5-12.0.1 - Sensitive Information Exposure via Legacy Web Chat Autocomplete
Feb 10, 2024
CVSS 4.0
EPSS 0.00
CVE-2023-45718
LOW
HCL Sametime 11.5-12.0.1 - Insufficient Session Expiration in Web Client
Feb 09, 2024
CVSS 3.9
EPSS 0.00
CVE-2023-45716
LOW
HCL Sametime < 12.0.2 - Cleartext Transmission of Sensitive Information via URL
Feb 09, 2024
CVSS 1.7
EPSS 0.00
CVE-2023-50349
MEDIUM
HCL Sametime < 12.0.2 - Cross-Site Request Forgery in REST APIs
Feb 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-37528
MEDIUM
HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports Save Report Parameter
Feb 03, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-37527
MEDIUM
HCL BigFix Platform 9.5-9.5.23 - Reflected Cross-Site Scripting in Web Reports
Feb 02, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-37518
MEDIUM
HCL BigFix ServiceNow Data Flow < 1.3 - Authenticated Code Injection
Jan 30, 2024
CVSS 6.4
EPSS 0.00
CVE-2023-50344
MEDIUM
HCL DRYiCE MyXalytics - Unauthenticated File Download via Improper Access Control
Jan 03, 2024
CVSS 5.4
EPSS 0.00
CVE-2023-50343
HIGH
HCL DRYiCE MyXalytics - Authenticated Improper Access Control via Controller APIs
Jan 03, 2024
CVSS 8.3
EPSS 0.00
CVE-2023-50342
HIGH
HCL DRYiCE MyXalytics - Insecure Direct Object Reference
Jan 03, 2024
CVSS 7.1
EPSS 0.00
CVE-2023-50341
HIGH
HCL DRYiCE MyXalytics - Improper Access Control via Obsolete Web Pages
Jan 03, 2024
CVSS 7.6
EPSS 0.00
CVE-2023-45724
HIGH
HCL DRYiCE MyXalytics - Unauthenticated Unrestricted Upload of File with Dangerous Type
Jan 03, 2024
CVSS 8.2
EPSS 0.01
CVE-2023-45723
HIGH
HCL DRYiCE MyXalytics - Path Traversal via File Upload Endpoint
Jan 03, 2024
CVSS 7.6
EPSS 0.01
CVE-2023-45722
HIGH
HCL DRYiCE MyXalytics - Path Traversal and Arbitrary File Read
Jan 03, 2024
CVSS 8.8
EPSS 0.01
CVE-2023-50351
HIGH
HCL DRYiCE MyXalytics - Use of a Broken or Risky Cryptographic Algorithm via Insecure Key Rotation Mechanism
Jan 03, 2024
CVSS 8.2
EPSS 0.00
CVE-2023-50350
HIGH
HCL DRYiCE MyXalytics - Use of a Broken Cryptographic Algorithm
Jan 03, 2024
CVSS 8.2
EPSS 0.00
CVE-2023-50348
LOW
HCL DRYiCE MyXalytics - Information Disclosure via Detailed Error Messages
Jan 03, 2024
CVSS 3.1
EPSS 0.00
CVE-2023-50346
LOW
HCL DRYiCE MyXalytics - Exposure of Sensitive Information via File Information Endpoints
Jan 03, 2024
CVSS 3.1
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters