Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / hcltech

hcltech

395 tracked vulnerabilities.

CVE-2024-30151 HIGH

HCL BigFix Service Management (SM) is susceptible to Broken Access Control Vulnerability

CVE-2024-42210 HIGH

HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability

CVE-2024-42192 MEDIUM

HCL Traveler for Microsoft Outlook < 3.0.14 - Credential Leakage

CVE-2024-42209 LOW

HCL Connections - Exposure of Sensitive Information via Improper Request Handling

CVE-2024-42191 MEDIUM

HCL Traveler for Microsoft Outlook < 3.0.12 - COM Hijacking via Uncontrolled Search Path Element

CVE-2024-42190 MEDIUM

HCL Traveler for Microsoft Outlook < 3.0.12 - DLL Hijacking

CVE-2024-42213 MEDIUM

HCL BigFix Compliance - Information Disclosure via Temporary Files

CVE-2024-42212 MEDIUM

HCL BigFix Compliance - Sensitive Cookie with Improper SameSite Attribute

CVE-2024-30146 MEDIUM

HCL Domino Leap 1.1.3-1.1.4 - Improper Access Control in Application Import Endpoint

CVE-2024-30145 MEDIUM

Hcltech HCL Domino Volt and Domino Leap 1.1 through 1.1.5 - Client-Side Script Injection

CVE-2024-30115 MEDIUM

HCL Domino Leap 1.1-1.1.3 - Stored Cross-Site Scripting via HTML Widget

CVE-2024-30152 MEDIUM

HCL SX v21 - Use of a Broken or Risky Cryptographic Algorithm

CVE-2024-30127 LOW

HCL Leap < 9.3.9 - Sensitive Data Exposure via Missing Cache Headers

CVE-2024-30147 MEDIUM

HCL Leap - Client-Side Code Injection

CVE-2024-30114 LOW

HCL Leap < 9.3.6 - Stored Cross-Site Scripting in Authoring Environment

CVE-2024-30113 MEDIUM

HCL Leap < 9.3.6 - Stored Cross-Site Scripting via HTML Widget

CVE-2024-30148 MEDIUM

HCL Leap < 9.3.8 - Improper Access Control via Application Import Endpoint

CVE-2024-42178 LOW

HCL MyXalytics - Unauthenticated Information Disclosure via Unrestricted URL Access

CVE-2024-42177 LOW

HCL MyXalytics - Inadequate Encryption Strength via SSL/TLS Protocol

CVE-2024-42193 HIGH

HCL BigFix Platform 10.0.0-10.0.12 - Improper Certificate Validation

CVE-2024-42200 MEDIUM

HCL BigFix Platform 10.0.0-10.0.12 - Stored Cross-Site Scripting in Web Reports

CVE-2024-42189 MEDIUM

HCL BigFix Platform 10.0.0-10.0.12 - Denial of Service via API Parameter

CVE-2024-42208 LOW

HCL Connections - Exposure of Sensitive Information via Improper Request Handling

CVE-2024-30155 MEDIUM

HCL SX - Sensitive Cookie with Improper SameSite Attribute

CVE-2024-42176 LOW

HCL MyXalytics - Concurrent Login Vulnerability

Previous Page 6 of 16 Next

Products

bigfix_platform 33 dryice_myxalytics 31 aion 29 connections 22 domino 22 bigfix_service_management 18 aftermarket_cloud 17 sametime 17 unica 17 hcl_leap 11 notes 11 bigfix_mobile 10 bigfix_compliance 9 domino_leap 9 appscan 8 digital_experience 8 bigfix_webui 7 hcl_inotes 7 bigfix_modern_client_management 6 dryice_iautomate 6 traveler 6 bigfix_insights_for_vulnerability_remediation 5 dfxanalytics 5 intelliops_event_management 5 traveler_for_microsoft_outlook 5 verse 5 bigfix_saas 4 dryice_aex 4 hcl_compass 4 hcl_digital_experience 4

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy