hcltech
410 tracked vulnerabilities.
CVE-2025-52618
MEDIUM
HCL BigFix SaaS < 8.1.14 - SQL Injection
Aug 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31961
LOW
HCL Connections - Unauthorized Data Update via Broken Access Control
Aug 15, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-31987
MEDIUM
HCL Connections Docs - Denial of Service via Document Upload Validation Bypass
Aug 14, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-0253
LOW
HCL IntelliOps Event Management - Session Fixation via Insecure Cookie Attributes
Jul 25, 2025
CVSS 2.0
EPSS 0.00
CVE-2025-0252
LOW
HCL IntelliOps Event Management - Cleartext Transmission of Sensitive Information
Jul 25, 2025
CVSS 2.6
EPSS 0.00
CVE-2025-0251
LOW
HCL IntelliOps Event Management - Concurrent Session Vulnerability
Jul 25, 2025
CVSS 2.6
EPSS 0.00
CVE-2025-0250
LOW
HCL IntelliOps Event Management - Cleartext Transmission of Sensitive Information via Cookie
Jul 25, 2025
CVSS 2.2
EPSS 0.00
CVE-2025-0249
LOW
HCL IntelliOps Event Management - Improper JWT Token Invalidation
Jul 25, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-31955
HIGH
HCL iAutomate - Exposure of Sensitive Information to an Unauthorized Actor
Jul 24, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-31953
HIGH
HCL iAutomate - Use of Hard-coded Credentials
Jul 24, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-31952
HIGH
HCL iAutomate - Insufficient Session Expiration
Jul 24, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-0279
MEDIUM
HCL Traveler < 14.0.0.1 - Sensitive Information Exposure via Error Messages
Apr 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-0278
MEDIUM
HCL Traveler < 14.0.0.1 - Internal Path Disclosure in Windows Application
Apr 03, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-23581
MEDIUM
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability
Jun 26, 2026
CVSS 6.7
EPSS 0.00
CVE-2024-30151
HIGH
HCL BigFix Service Management (SM) is susceptible to Broken Access Control Vulnerability
May 06, 2026
CVSS 8.3
EPSS 0.00
CVE-2024-42210
HIGH
HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability
Mar 19, 2026
CVSS 7.6
EPSS 0.00
CVE-2024-42192
MEDIUM
HCL Traveler for Microsoft Outlook < 3.0.14 - Credential Leakage
Oct 16, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42209
LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
Jul 17, 2025
CVSS 3.5
EPSS 0.00
CVE-2024-42191
MEDIUM
HCL Traveler for Microsoft Outlook < 3.0.12 - COM Hijacking via Uncontrolled Search Path Element
May 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-42190
MEDIUM
HCL Traveler for Microsoft Outlook < 3.0.12 - DLL Hijacking
May 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-42213
MEDIUM
HCL BigFix Compliance - Information Disclosure via Temporary Files
May 05, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-42212
MEDIUM
HCL BigFix Compliance - Sensitive Cookie with Improper SameSite Attribute
May 05, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-30146
MEDIUM
HCL Domino Leap 1.1.3-1.1.4 - Improper Access Control in Application Import Endpoint
Apr 30, 2025
CVSS 4.1
EPSS 0.00
CVE-2024-30145
MEDIUM
Hcltech HCL Domino Volt and Domino Leap 1.1 through 1.1.5 - Client-Side Script Injection
Apr 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-30115
MEDIUM
HCL Domino Leap 1.1-1.1.3 - Stored Cross-Site Scripting via HTML Widget
Apr 30, 2025
CVSS 6.3
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters