hcltech

410 tracked vulnerabilities.

CVE-2025-31996 MEDIUM
HCL Unica Platform - Info Disclosure
Oct 13, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52615 LOW
HCL Unica Platform - Info Disclosure
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52614 LOW
HCL Unica Platform - Info Disclosure
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31969 MEDIUM
HCL Unica < 25.1.0 - Content Security Policy Misconfiguration
Oct 12, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-52616 MEDIUM
HCL Unica 12.1.10 - Info Disclosure
Oct 12, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31998 LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Information Disclosure via Unhandled Exception
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-31997 MEDIUM
HCL Unica Centralized Offer Management < 25.1.0.1 - Insecure Direct Object Reference
Oct 12, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-31993 LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Server-Side Request Forgery
Oct 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52635 LOW
HCL AION 2.0 - Untrusted Types in Scripts Not Enforced in CSP
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52625 LOW
HCL AION 2.0 - Sensitive Information Exposure via Browser Cache
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52624 MEDIUM
HCL AION 2.0 - Script Allowlist Bypass via Content-Security-Policy Misconfiguration
Oct 10, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-52650 HIGH
HCL AION - Cross-Site Scripting via Inline Script Execution in CSP
Oct 10, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-52634 LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52632 MEDIUM
HCL AION 2.0 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Oct 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-52630 LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
Oct 10, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-52658 LOW
HCL MyXalytics - Info Disclosure
Oct 03, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-52656 HIGH
HCL MyXalytics: 6.6 - Info Disclosure
Oct 03, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-52654 MEDIUM
HCL MyXalytics 6.6 - HTML Injection
Oct 03, 2025
CVSS 4.6
EPSS 0.00
CVE-2025-52653 HIGH
HCL MyXalytics - Cross-Site Scripting
Oct 03, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-31977 MEDIUM
HCL BigFix SM - Cryptographic Weakness via Weak Encryption Algorithms
Aug 28, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-31972 MEDIUM
HCL BigFix SM - Sensitive Information Exposure via Cleartext Internal Connections
Aug 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-31988 MEDIUM
HCL Digital Experience - Stored Cross-Site Scripting in Administrative UI
Aug 19, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-52621 MEDIUM
HCL BigFix SaaS < 8.1.14 - Cache Poisoning via Origin Header Reflection
Aug 15, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52620 MEDIUM
HCL BigFix SaaS < 8.1.14 - Cross-Site Scripting via Image Upload
Aug 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-52619 MEDIUM
HCL BigFix SaaS < 8.1.14 - Sensitive Information Disclosure in Authentication Service Error Messages
Aug 15, 2025
CVSS 5.3
EPSS 0.00