hcltech
410 tracked vulnerabilities.
CVE-2024-30152
MEDIUM
HCL SX v21 - Use of a Broken or Risky Cryptographic Algorithm
Apr 25, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-30127
LOW
HCL Leap < 9.3.9 - Sensitive Data Exposure via Missing Cache Headers
Apr 24, 2025
CVSS 3.2
EPSS 0.00
CVE-2024-30147
MEDIUM
HCL Leap - Client-Side Code Injection
Apr 24, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-30114
LOW
HCL Leap < 9.3.6 - Stored Cross-Site Scripting in Authoring Environment
Apr 24, 2025
CVSS 3.7
EPSS 0.00
CVE-2024-30113
MEDIUM
HCL Leap < 9.3.6 - Stored Cross-Site Scripting via HTML Widget
Apr 24, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-30148
MEDIUM
HCL Leap < 9.3.8 - Improper Access Control via Application Import Endpoint
Apr 24, 2025
CVSS 4.1
EPSS 0.00
CVE-2024-42178
LOW
HCL MyXalytics - Unauthenticated Information Disclosure via Unrestricted URL Access
Apr 17, 2025
CVSS 2.5
EPSS 0.00
CVE-2024-42177
LOW
HCL MyXalytics - Inadequate Encryption Strength via SSL/TLS Protocol
Apr 17, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-42193
HIGH
HCL BigFix Platform 10.0.0-10.0.12 - Improper Certificate Validation
Apr 15, 2025
CVSS 8.1
EPSS 0.00
CVE-2024-42200
MEDIUM
HCL BigFix Platform 10.0.0-10.0.12 - Stored Cross-Site Scripting in Web Reports
Apr 15, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-42189
MEDIUM
HCL BigFix Platform 10.0.0-10.0.12 - Denial of Service via API Parameter
Apr 15, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-42208
LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
Apr 04, 2025
CVSS 3.5
EPSS 0.00
CVE-2024-30155
MEDIUM
HCL SX - Sensitive Cookie with Improper SameSite Attribute
Mar 26, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42176
LOW
HCL MyXalytics - Concurrent Login Vulnerability
Mar 19, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-30154
MEDIUM
HCL SX - Cross-Site Request Forgery
Mar 03, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-30150
MEDIUM
HCL MyCloud - Unauthenticated Privilege Escalation and Information Disclosure
Feb 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-23563
LOW
HCL Connections Docs - Exposure of Sensitive Information via Improper Request Handling
Feb 12, 2025
CVSS 3.9
EPSS 0.00
CVE-2024-42207
MEDIUM
HCL iAutomate - Session Fixation
Feb 05, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42181
LOW
HCL MyXalytics - Cleartext Transmission of Sensitive Information
Jan 12, 2025
CVSS 1.6
EPSS 0.00
CVE-2024-42180
LOW
HCL MyXalytics - Unrestricted Upload of File with Dangerous Type
Jan 12, 2025
CVSS 1.6
EPSS 0.00
CVE-2024-42179
LOW
HCL MyXalytics - Sensitive Information Exposure via HTTP Response Header
Jan 12, 2025
CVSS 2.0
EPSS 0.00
CVE-2024-42175
LOW
HCL MyXalytics - Improper Input Validation
Jan 11, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-42174
LOW
HCL MyXalytics - Username Enumeration via Observable Response Discrepancy
Jan 11, 2025
CVSS 3.7
EPSS 0.00
CVE-2024-42173
MEDIUM
HCL MyXalytics - Weak Password Requirements
Jan 11, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-42172
MEDIUM
HCL MyXalytics - Insufficiently Protected Credentials
Jan 11, 2025
CVSS 5.3
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters