hcltech
395 tracked vulnerabilities.
CVE-2025-63402
MEDIUM
HCLTech Dragon < 7.6.0 - Remote Code Execution via Unrestricted API Requests
Dec 03, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-63401
MEDIUM
HCLTech DRAGON < 7.6.0 - Cross-Site Scripting via Missing Directives
Dec 03, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-51736
MEDIUM
HCL Unica 12.0.0 - Unrestricted Upload of File with Dangerous Type
Nov 28, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-51735
HIGH
HCL Technologies Ltd. Unica 12.0.0. - Code Injection
Nov 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-51734
MEDIUM
HCL Unica 12.0.0 - Cross-Site Scripting
Nov 28, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-51733
MEDIUM
HCL Unica 12.0.0 - Cross-Site Request Forgery
Nov 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-52639
LOW
HCL Connections - Sensitive Information Disclosure via Improper Data Rendering
Nov 18, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31954
MEDIUM
HCL iAutomate 6.5.1-6.5.2 - Sensitive Information Disclosure via HTTP Query String
Nov 05, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-0277
MEDIUM
HCL BigFix Mobile < 3.3 - Cross-Site Scripting via Insecure CSP Directives
Oct 16, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-0276
MEDIUM
HCL BigFix Modern Client Management < 3.3 - Cross-Site Scripting via Insecure CSP Directives
Oct 16, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-0275
MEDIUM
HCL BigFix Mobile <3.3 - Privilege Escalation
Oct 16, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-0274
MEDIUM
HCL BigFix MCM <3.3 - Privilege Escalation
Oct 16, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31996
MEDIUM
HCL Unica Platform - Info Disclosure
Oct 13, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52615
LOW
HCL Unica Platform - Info Disclosure
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52614
LOW
HCL Unica Platform - Info Disclosure
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31969
MEDIUM
HCL Unica < 25.1.0 - Content Security Policy Misconfiguration
Oct 12, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-52616
MEDIUM
HCL Unica 12.1.10 - Info Disclosure
Oct 12, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31998
LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Information Disclosure via Unhandled Exception
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31997
MEDIUM
HCL Unica Centralized Offer Management < 25.1.0.1 - Insecure Direct Object Reference
Oct 12, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-31993
LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Server-Side Request Forgery
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52635
LOW
HCL AION 2.0 - Untrusted Types in Scripts Not Enforced in CSP
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52625
LOW
HCL AION 2.0 - Sensitive Information Exposure via Browser Cache
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52624
MEDIUM
HCL AION 2.0 - Script Allowlist Bypass via Content-Security-Policy Misconfiguration
Oct 10, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-52650
HIGH
HCL AION - Cross-Site Scripting via Inline Script Execution in CSP
Oct 10, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-52634
LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
Oct 10, 2025
CVSS 3.7
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
aftermarket_cloud 17
sametime 17
unica 17
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
digital_experience 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
traveler_for_microsoft_outlook 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
hcl_digital_experience 4
Quick Filters