hcltech

410 tracked vulnerabilities.

CVE-2025-55272 LOW
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-55271 LOW
HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-55270 LOW
HCL Aftermarket DPC is affected by Improper Input Validation
Mar 26, 2026
CVSS 3.5
EPSS 0.01
CVE-2025-55269 MEDIUM
HCL Aftermarket DPC is affected by Weak Password Policy vulnerability
Mar 26, 2026
CVSS 4.2
EPSS 0.00
CVE-2025-55268 MEDIUM
HCL Aftermarket DPC is affected by Spamming Vulnerability
Mar 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-55267 MEDIUM
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability
Mar 26, 2026
CVSS 5.7
EPSS 0.00
CVE-2025-55266 MEDIUM
HCL Aftermarket DPC is affected by Session Fixation
Mar 26, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-55265 MEDIUM
HCL Aftermarket DPC is affected by File Discovery
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-62320 MEDIUM
HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform
Mar 17, 2026
CVSS 4.7
EPSS 0.00
CVE-2025-31966 LOW
Boolean-Based SQL Injection in Multiple Unica Components
Mar 17, 2026
CVSS 2.7
EPSS 0.00
CVE-2025-62319 CRITICAL
Boolean-Based SQL Injection in Multiple Unica Components
Mar 16, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-52649 LOW
HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature
Mar 16, 2026
CVSS 1.8
EPSS 0.00
CVE-2025-52646 LOW
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries.
Mar 16, 2026
CVSS 2.2
EPSS 0.00
CVE-2025-52645 LOW
HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification.
Mar 16, 2026
CVSS 1.9
EPSS 0.00
CVE-2025-52644 MEDIUM
HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged.
Mar 16, 2026
CVSS 5.8
EPSS 0.00
CVE-2025-52643 MEDIUM
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment
Mar 16, 2026
CVSS 4.7
EPSS 0.00
CVE-2025-52642 LOW
HCL AION is affected by an internal filesystem paths disloser vulnerability
Mar 16, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-52636 LOW
HCL AION is affected by a improper handling of uploads files Size
Mar 16, 2026
CVSS 1.8
EPSS 0.00
CVE-2025-62326 MEDIUM
HCL Digital Experience - Authenticated Stored Cross-Site Scripting in Administrative User Interface
Feb 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-52603 LOW
HCL Connections - Information Disclosure via Browser Metadata Exposure
Feb 20, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-52633 LOW
HCL AION 2.0 - Sensitive Session Information Exposure via Persistent Cookies
Feb 03, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-52631 LOW
HCL AION 2.0 - Exposure of Sensitive Information via Missing HSTS Header
Feb 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-52628 MEDIUM
HCL AION 2.0 - Sensitive Cookie with Improper SameSite Attribute
Feb 03, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-52623 LOW
HCL AION 2.0 - Insufficiently Protected Credentials via Password Field Autocomplete
Feb 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-52629 LOW
HCL AION 2.0 - Missing Content-Security-Policy Header
Feb 03, 2026
CVSS 3.7
EPSS 0.00