hcltech

410 tracked vulnerabilities.

CVE-2022-38658 HIGH
HCL BigFix Server Automation < 3.2.1 - Sensitive Data Exposure via SMTP Notification Service
Dec 24, 2022
CVSS 7.7
EPSS 0.00
CVE-2022-38655 MEDIUM
BigFix WebUI - Privilege Escalation
Dec 21, 2022
CVSS 6.4
EPSS 0.00
CVE-2022-44755 CRITICAL
HCL Notes - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44754 CRITICAL
HCL Domino - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44753 CRITICAL
HCL Notes - Stack-Based Buffer Overflow in wp6sr.dll via Crafted WordPerfect File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44752 CRITICAL
HCL Domino - Stack-Based Buffer Overflow in wp6sr.dll via Crafted WordPerfect File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44751 CRITICAL
HCL Notes - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44750 CRITICAL
HCL Domino - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-42453 MEDIUM
HCL BigFix Platform 9.5.0-9.5.20 - Insufficient Authentication Warning for Fixlet Import
Dec 19, 2022
CVSS 6.9
EPSS 0.00
CVE-2022-38662 MEDIUM
HCL Digital Experience - Open Redirect
Dec 19, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-38659 MEDIUM
HCL BigFix Platform 9.5-9.5.19 - Inadequate Encryption Strength of Operator Credentials
Dec 19, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-38653 LOW
HCL Digital Experience - Stored Cross-Site Scripting
Dec 19, 2022
CVSS 2.0
EPSS 0.00
CVE-2022-42446 MEDIUM
HCL Sametime 12 - Unauthenticated User Directory Access and Chat Creation
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-38654 MEDIUM
HCL Domino - Authenticated Information Disclosure via Directory Search xACL Bypass
Nov 04, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-38660 HIGH
HCL XPages - Cross-Site Request Forgery
Nov 04, 2022
CVSS 8.3
EPSS 0.00
CVE-2022-27561 HIGH
HCL Traveler < 12.0.1.2 - Reflected Cross-Site Scripting in Web Admin
Sep 15, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27563 HIGH
HCL VersionVault Express - Unauthenticated Denial of Service
Aug 30, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27560 MEDIUM
HCL VersionVault Express - Insufficiently Protected Credentials
Aug 30, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-27558 MEDIUM
HCL iNotes - Info Disclosure
Aug 29, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-27547 MEDIUM
HCL iNotes - Open Redirect via Non-Existent Domain Link
Aug 29, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27546 HIGH
Hcltech Hcl Inotes - XSS
Aug 29, 2022
CVSS 8.3
EPSS 0.01
CVE-2022-27545 MEDIUM
HCL BigFix Platform 9.5-9.5.18 - Authenticated Cross-Site Scripting in Email Configuration Page
Jul 19, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-27544 MEDIUM
HCL BigFix Platform 9.5-9.5.19 - Authenticated Cleartext SMTP Credential Exposure
Jul 19, 2022
CVSS 5.0
EPSS 0.00
CVE-2021-27788 HIGH
HCL Verse 2.0-3.0 - Unauthenticated Stored Cross-Site Scripting via Crafted URL
Mar 10, 2023
CVSS 8.3
EPSS 0.01
CVE-2021-27782 MEDIUM
HCL BigFix Mobile - Info Disclosure
Jan 20, 2023
CVSS 5.4
EPSS 0.00