hcltech
410 tracked vulnerabilities.
CVE-2025-55272
LOW
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-55271
LOW
HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability
Mar 26, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-55270
LOW
HCL Aftermarket DPC is affected by Improper Input Validation
Mar 26, 2026
CVSS 3.5
EPSS 0.01
CVE-2025-55269
MEDIUM
HCL Aftermarket DPC is affected by Weak Password Policy vulnerability
Mar 26, 2026
CVSS 4.2
EPSS 0.00
CVE-2025-55268
MEDIUM
HCL Aftermarket DPC is affected by Spamming Vulnerability
Mar 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-55267
MEDIUM
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability
Mar 26, 2026
CVSS 5.7
EPSS 0.00
CVE-2025-55266
MEDIUM
HCL Aftermarket DPC is affected by Session Fixation
Mar 26, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-55265
MEDIUM
HCL Aftermarket DPC is affected by File Discovery
Mar 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-62320
MEDIUM
HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platform
Mar 17, 2026
CVSS 4.7
EPSS 0.00
CVE-2025-31966
LOW
Boolean-Based SQL Injection in Multiple Unica Components
Mar 17, 2026
CVSS 2.7
EPSS 0.00
CVE-2025-62319
CRITICAL
Boolean-Based SQL Injection in Multiple Unica Components
Mar 16, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-52649
LOW
HCL AION is affected by a vulnerability where certain identifiers may be predictable in nature
Mar 16, 2026
CVSS 1.8
EPSS 0.00
CVE-2025-52646
LOW
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries.
Mar 16, 2026
CVSS 2.2
EPSS 0.00
CVE-2025-52645
LOW
HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification.
Mar 16, 2026
CVSS 1.9
EPSS 0.00
CVE-2025-52644
MEDIUM
HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged.
Mar 16, 2026
CVSS 5.8
EPSS 0.00
CVE-2025-52643
MEDIUM
HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a properly isolated sandbox environment
Mar 16, 2026
CVSS 4.7
EPSS 0.00
CVE-2025-52642
LOW
HCL AION is affected by an internal filesystem paths disloser vulnerability
Mar 16, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-52636
LOW
HCL AION is affected by a improper handling of uploads files Size
Mar 16, 2026
CVSS 1.8
EPSS 0.00
CVE-2025-62326
MEDIUM
HCL Digital Experience - Authenticated Stored Cross-Site Scripting in Administrative User Interface
Feb 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-52603
LOW
HCL Connections - Information Disclosure via Browser Metadata Exposure
Feb 20, 2026
CVSS 3.5
EPSS 0.00
CVE-2025-52633
LOW
HCL AION 2.0 - Sensitive Session Information Exposure via Persistent Cookies
Feb 03, 2026
CVSS 3.1
EPSS 0.00
CVE-2025-52631
LOW
HCL AION 2.0 - Exposure of Sensitive Information via Missing HSTS Header
Feb 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-52628
MEDIUM
HCL AION 2.0 - Sensitive Cookie with Improper SameSite Attribute
Feb 03, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-52623
LOW
HCL AION 2.0 - Insufficiently Protected Credentials via Password Field Autocomplete
Feb 03, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-52629
LOW
HCL AION 2.0 - Missing Content-Security-Policy Header
Feb 03, 2026
CVSS 3.7
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters