hcltech

410 tracked vulnerabilities.

CVE-2025-52618 MEDIUM
HCL BigFix SaaS < 8.1.14 - SQL Injection
Aug 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31961 LOW
HCL Connections - Unauthorized Data Update via Broken Access Control
Aug 15, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-31987 MEDIUM
HCL Connections Docs - Denial of Service via Document Upload Validation Bypass
Aug 14, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-0253 LOW
HCL IntelliOps Event Management - Session Fixation via Insecure Cookie Attributes
Jul 25, 2025
CVSS 2.0
EPSS 0.00
CVE-2025-0252 LOW
HCL IntelliOps Event Management - Cleartext Transmission of Sensitive Information
Jul 25, 2025
CVSS 2.6
EPSS 0.00
CVE-2025-0251 LOW
HCL IntelliOps Event Management - Concurrent Session Vulnerability
Jul 25, 2025
CVSS 2.6
EPSS 0.00
CVE-2025-0250 LOW
HCL IntelliOps Event Management - Cleartext Transmission of Sensitive Information via Cookie
Jul 25, 2025
CVSS 2.2
EPSS 0.00
CVE-2025-0249 LOW
HCL IntelliOps Event Management - Improper JWT Token Invalidation
Jul 25, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-31955 HIGH
HCL iAutomate - Exposure of Sensitive Information to an Unauthorized Actor
Jul 24, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-31953 HIGH
HCL iAutomate - Use of Hard-coded Credentials
Jul 24, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-31952 HIGH
HCL iAutomate - Insufficient Session Expiration
Jul 24, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-0279 MEDIUM
HCL Traveler < 14.0.0.1 - Sensitive Information Exposure via Error Messages
Apr 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-0278 MEDIUM
HCL Traveler < 14.0.0.1 - Internal Path Disclosure in Windows Application
Apr 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-23581 MEDIUM
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability
Jun 26, 2026
CVSS 6.7
EPSS 0.00
CVE-2024-30151 HIGH
HCL BigFix Service Management (SM) is susceptible to Broken Access Control Vulnerability
May 06, 2026
CVSS 8.3
EPSS 0.00
CVE-2024-42210 HIGH
HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability
Mar 19, 2026
CVSS 7.6
EPSS 0.00
CVE-2024-42192 MEDIUM
HCL Traveler for Microsoft Outlook < 3.0.14 - Credential Leakage
Oct 16, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42209 LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
Jul 17, 2025
CVSS 3.5
EPSS 0.00
CVE-2024-42191 MEDIUM
HCL Traveler for Microsoft Outlook < 3.0.12 - COM Hijacking via Uncontrolled Search Path Element
May 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-42190 MEDIUM
HCL Traveler for Microsoft Outlook < 3.0.12 - DLL Hijacking
May 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-42213 MEDIUM
HCL BigFix Compliance - Information Disclosure via Temporary Files
May 05, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-42212 MEDIUM
HCL BigFix Compliance - Sensitive Cookie with Improper SameSite Attribute
May 05, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-30146 MEDIUM
HCL Domino Leap 1.1.3-1.1.4 - Improper Access Control in Application Import Endpoint
Apr 30, 2025
CVSS 4.1
EPSS 0.00
CVE-2024-30145 MEDIUM
Hcltech HCL Domino Volt and Domino Leap 1.1 through 1.1.5 - Client-Side Script Injection
Apr 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-30115 MEDIUM
HCL Domino Leap 1.1-1.1.3 - Stored Cross-Site Scripting via HTML Widget
Apr 30, 2025
CVSS 6.3
EPSS 0.00