hcltech
410 tracked vulnerabilities.
CVE-2022-38658
HIGH
HCL BigFix Server Automation < 3.2.1 - Sensitive Data Exposure via SMTP Notification Service
Dec 24, 2022
CVSS 7.7
EPSS 0.00
CVE-2022-38655
MEDIUM
BigFix WebUI - Privilege Escalation
Dec 21, 2022
CVSS 6.4
EPSS 0.00
CVE-2022-44755
CRITICAL
HCL Notes - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44754
CRITICAL
HCL Domino - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44753
CRITICAL
HCL Notes - Stack-Based Buffer Overflow in wp6sr.dll via Crafted WordPerfect File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44752
CRITICAL
HCL Domino - Stack-Based Buffer Overflow in wp6sr.dll via Crafted WordPerfect File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44751
CRITICAL
HCL Notes - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-44750
CRITICAL
HCL Domino - Stack-Based Buffer Overflow in lasr.dll via Crafted Lotus Ami Pro File
Dec 19, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-42453
MEDIUM
HCL BigFix Platform 9.5.0-9.5.20 - Insufficient Authentication Warning for Fixlet Import
Dec 19, 2022
CVSS 6.9
EPSS 0.00
CVE-2022-38662
MEDIUM
HCL Digital Experience - Open Redirect
Dec 19, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-38659
MEDIUM
HCL BigFix Platform 9.5-9.5.19 - Inadequate Encryption Strength of Operator Credentials
Dec 19, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-38653
LOW
HCL Digital Experience - Stored Cross-Site Scripting
Dec 19, 2022
CVSS 2.0
EPSS 0.00
CVE-2022-42446
MEDIUM
HCL Sametime 12 - Unauthenticated User Directory Access and Chat Creation
Dec 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-38654
MEDIUM
HCL Domino - Authenticated Information Disclosure via Directory Search xACL Bypass
Nov 04, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-38660
HIGH
HCL XPages - Cross-Site Request Forgery
Nov 04, 2022
CVSS 8.3
EPSS 0.00
CVE-2022-27561
HIGH
HCL Traveler < 12.0.1.2 - Reflected Cross-Site Scripting in Web Admin
Sep 15, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27563
HIGH
HCL VersionVault Express - Unauthenticated Denial of Service
Aug 30, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27560
MEDIUM
HCL VersionVault Express - Insufficiently Protected Credentials
Aug 30, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-27558
MEDIUM
HCL iNotes - Info Disclosure
Aug 29, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-27547
MEDIUM
HCL iNotes - Open Redirect via Non-Existent Domain Link
Aug 29, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27546
HIGH
Hcltech Hcl Inotes - XSS
Aug 29, 2022
CVSS 8.3
EPSS 0.01
CVE-2022-27545
MEDIUM
HCL BigFix Platform 9.5-9.5.18 - Authenticated Cross-Site Scripting in Email Configuration Page
Jul 19, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-27544
MEDIUM
HCL BigFix Platform 9.5-9.5.19 - Authenticated Cleartext SMTP Credential Exposure
Jul 19, 2022
CVSS 5.0
EPSS 0.00
CVE-2021-27788
HIGH
HCL Verse 2.0-3.0 - Unauthenticated Stored Cross-Site Scripting via Crafted URL
Mar 10, 2023
CVSS 8.3
EPSS 0.01
CVE-2021-27782
MEDIUM
HCL BigFix Mobile - Info Disclosure
Jan 20, 2023
CVSS 5.4
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters