hcltech
410 tracked vulnerabilities.
CVE-2025-31983
LOW
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header
May 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-31982
LOW
HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directl
May 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-31978
MEDIUM
HCL BigFix Service Management (SM) does not adequately sanitize or safely render
May 06, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-31976
MEDIUM
HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials
May 06, 2026
CVSS 4.8
EPSS 0.00
CVE-2025-31975
LOW
HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.
May 06, 2026
CVSS 2.6
EPSS 0.00
CVE-2025-31959
LOW
HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images.
May 06, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-31957
LOW
HCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability.
May 06, 2026
CVSS 2.6
EPSS 0.00
CVE-2025-59854
LOW
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability
May 06, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-59853
LOW
HCL DFXAnalytics is affected by an Improper Error Handling vulnerability
May 06, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-59852
LOW
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability
May 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-59851
LOW
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability
May 06, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-31970
MEDIUM
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability
May 06, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-31981
MEDIUM
HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption
Apr 21, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-31958
LOW
HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling
Apr 21, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-52641
LOW
Internal Filesystem Exploration vulnerability
Apr 15, 2026
CVSS 2.9
EPSS 0.00
CVE-2025-31991
MEDIUM
HCL DevOps Velocity is susceptible to brute-force attacks
Apr 13, 2026
CVSS 6.8
EPSS 0.00
CVE-2025-55264
MEDIUM
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change
Mar 26, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55263
HIGH
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data
Mar 26, 2026
CVSS 7.3
EPSS 0.00
CVE-2025-55262
HIGH
HCL Aftermarket DPC is affected by SQL Injection
Mar 26, 2026
CVSS 8.3
EPSS 0.00
CVE-2025-55261
HIGH
HCL Aftermarket DPC is affected by Missing Functional Level Access Control
Mar 26, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-55277
LOW
HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability
Mar 26, 2026
CVSS 2.6
EPSS 0.00
CVE-2025-55276
LOW
HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-55275
LOW
HCL Aftermarket DPC is affected by Admin Session Concurrency vulnerability
Mar 26, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-55274
LOW
HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability
Mar 26, 2026
CVSS 2.6
EPSS 0.00
CVE-2025-55273
MEDIUM
HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability
Mar 26, 2026
CVSS 4.3
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters