Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / hcltech

hcltech

395 tracked vulnerabilities.

CVE-2023-37516 LOW

HCL Leap < 9.3.4 - Sensitive Information Exposure via Cache Headers

CVE-2023-45720 MEDIUM

HCL Leap < 9.3.5 - Unauthenticated Exposure of Private Personal Information via Insufficient Default Configuration

CVE-2023-37534 HIGH

HCL Leap < 9.3.4 - Cross-Site Scripting via Query Parameter Injection

CVE-2023-50355 LOW

HCL Sametime < 12.0.2 - Sensitive Information Exposure via Error Messages

CVE-2023-37541 LOW

HCL Connections - Unauthorized Data Update via Broken Access Control

CVE-2023-37539 HIGH

HCL Domino - Stored Cross-Site Scripting in Catalog Template

CVE-2023-50347 LOW

HCL DRYiCE MyXalytics - SQL Injection

CVE-2023-45715 LOW

HCL BigFix Platform 9.5-9.5.23 - Denial of Service via Invalid File Name Characters

CVE-2023-45706 LOW

HCL BigFix Platform 9.5-9.5.24 - Authenticated Cross-Site Scripting via SAML Configuration

CVE-2023-45705 LOW

HCL BigFix Platform 10.0.0-10.0.10 - Authenticated Server-Side Request Forgery via SMTP Configuration

CVE-2023-37531 LOW

HCL BigFix Platform 9.5-9.5.23 - Stored Cross-Site Scripting in Web Reports Form Field

CVE-2023-37530 LOW

HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports

CVE-2023-37529 LOW

HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports

CVE-2023-37495 MEDIUM

HCL Domino 9.0-14.0 - Weak Password Hashing in Person Documents

CVE-2023-37540 LOW

HCL Sametime 11.5-12.0.1 - Insecure Storage of Sensitive Information via Eclipse Secure Storage

CVE-2023-28018 MEDIUM

HCL Connections - Denial of Service via Crafted Request

CVE-2023-45698 MEDIUM

HCL Sametime Chat and Meetings - Clickjacking via Outlook Add-in

CVE-2023-45696 MEDIUM

HCL Sametime 11.5-12.0.1 - Sensitive Information Exposure via Legacy Web Chat Autocomplete

CVE-2023-45718 LOW

HCL Sametime 11.5-12.0.1 - Insufficient Session Expiration in Web Client

CVE-2023-45716 LOW

HCL Sametime < 12.0.2 - Cleartext Transmission of Sensitive Information via URL

CVE-2023-50349 MEDIUM

HCL Sametime < 12.0.2 - Cross-Site Request Forgery in REST APIs

CVE-2023-37528 MEDIUM

HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports Save Report Parameter

CVE-2023-37527 MEDIUM

HCL BigFix Platform 9.5-9.5.23 - Reflected Cross-Site Scripting in Web Reports

CVE-2023-37518 MEDIUM

HCL BigFix ServiceNow Data Flow < 1.3 - Authenticated Code Injection

CVE-2023-50344 MEDIUM

HCL DRYiCE MyXalytics - Unauthenticated File Download via Improper Access Control

Previous Page 9 of 16 Next

Products

bigfix_platform 33 dryice_myxalytics 31 aion 29 connections 22 domino 22 bigfix_service_management 18 aftermarket_cloud 17 sametime 17 unica 17 hcl_leap 11 notes 11 bigfix_mobile 10 bigfix_compliance 9 domino_leap 9 appscan 8 digital_experience 8 bigfix_webui 7 hcl_inotes 7 bigfix_modern_client_management 6 dryice_iautomate 6 traveler 6 bigfix_insights_for_vulnerability_remediation 5 dfxanalytics 5 intelliops_event_management 5 traveler_for_microsoft_outlook 5 verse 5 bigfix_saas 4 dryice_aex 4 hcl_compass 4 hcl_digital_experience 4

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy