hcltech
410 tracked vulnerabilities.
CVE-2025-31996
MEDIUM
HCL Unica Platform - Info Disclosure
Oct 13, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52615
LOW
HCL Unica Platform - Info Disclosure
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52614
LOW
HCL Unica Platform - Info Disclosure
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31969
MEDIUM
HCL Unica < 25.1.0 - Content Security Policy Misconfiguration
Oct 12, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-52616
MEDIUM
HCL Unica 12.1.10 - Info Disclosure
Oct 12, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31998
LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Information Disclosure via Unhandled Exception
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31997
MEDIUM
HCL Unica Centralized Offer Management < 25.1.0.1 - Insecure Direct Object Reference
Oct 12, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-31993
LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Server-Side Request Forgery
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52635
LOW
HCL AION 2.0 - Untrusted Types in Scripts Not Enforced in CSP
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52625
LOW
HCL AION 2.0 - Sensitive Information Exposure via Browser Cache
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52624
MEDIUM
HCL AION 2.0 - Script Allowlist Bypass via Content-Security-Policy Misconfiguration
Oct 10, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-52650
HIGH
HCL AION - Cross-Site Scripting via Inline Script Execution in CSP
Oct 10, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-52634
LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52632
MEDIUM
HCL AION 2.0 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Oct 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-52630
LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52658
LOW
HCL MyXalytics - Info Disclosure
Oct 03, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52656
HIGH
HCL MyXalytics: 6.6 - Info Disclosure
Oct 03, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-52654
MEDIUM
HCL MyXalytics 6.6 - HTML Injection
Oct 03, 2025
CVSS 4.6
EPSS 0.00
CVE-2025-52653
HIGH
HCL MyXalytics - Cross-Site Scripting
Oct 03, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-31977
MEDIUM
HCL BigFix SM - Cryptographic Weakness via Weak Encryption Algorithms
Aug 28, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31972
MEDIUM
HCL BigFix SM - Sensitive Information Exposure via Cleartext Internal Connections
Aug 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-31988
MEDIUM
HCL Digital Experience - Stored Cross-Site Scripting in Administrative UI
Aug 19, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-52621
MEDIUM
HCL BigFix SaaS < 8.1.14 - Cache Poisoning via Origin Header Reflection
Aug 15, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52620
MEDIUM
HCL BigFix SaaS < 8.1.14 - Cross-Site Scripting via Image Upload
Aug 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-52619
MEDIUM
HCL BigFix SaaS < 8.1.14 - Sensitive Information Disclosure in Authentication Service Error Messages
Aug 15, 2025
CVSS 5.3
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters