hcltech
410 tracked vulnerabilities.
CVE-2024-30111
LOW
HCL DRYiCE AEX - Missing Root Detection
Jun 28, 2024
CVSS 3.3
EPSS 0.00
CVE-2024-30110
LOW
HCL DRYiCE AEX - Cross-Site Scripting via Input Validation Bypass
Jun 28, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-30109
LOW
HCL DRYiCE AEX - Clickjacking via Unprotected UI Layers
Jun 28, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-30112
MEDIUM
HCL Connections - Cross-Site Scripting
Jun 25, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-23556
MEDIUM
HCL BigFix Platform 9.5-9.5.25 - Denial of Service via SSL/TLS Renegotiation
May 18, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-23554
MEDIUM
HCL BigFix Platform 9.5-9.5.24 - Cross-Site Request Forgery
May 18, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-23583
MEDIUM
HCL BigFix Platform 9.5-9.5.24 - Insufficiently Protected Credentials via Task Manager
May 17, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-30107
LOW
HCL Connections - Improper Access Control
Apr 18, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-23557
LOW
HCL Connections - User Enumeration via Valid User Determination
Apr 18, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-23553
LOW
HCL BigFix Platform 9.5-9.5.23 - Cross-Site Scripting in Web Reports
Feb 02, 2024
CVSS 3.0
EPSS 0.00
CVE-2023-37524
HIGH
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service
Jun 27, 2026
CVSS 7.7
EPSS 0.00
CVE-2023-37525
MEDIUM
HCL BigFix Compliance - Unauthenticated Sensitive Information Disclosure via WEB-INF Directory Access
Jan 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2023-45721
MEDIUM
HCL Domino Leap 1.1-1.1.3 - Unauthenticated Exposure of Private Personal Information
Apr 30, 2025
CVSS 5.3
EPSS 0.00
CVE-2023-37535
HIGH
HCL Domino Leap 1.1-1.1.3 - Cross-Site Scripting via Query Parameter Injection
Apr 30, 2025
CVSS 7.1
EPSS 0.00
CVE-2023-37517
LOW
HCL Domino Leap 1.1-1.1.1 - Sensitive Data Exposure via Missing Cache Headers
Apr 30, 2025
CVSS 3.2
EPSS 0.00
CVE-2023-37516
LOW
HCL Leap < 9.3.4 - Sensitive Information Exposure via Cache Headers
Apr 24, 2025
CVSS 3.2
EPSS 0.00
CVE-2023-45720
MEDIUM
HCL Leap < 9.3.5 - Unauthenticated Exposure of Private Personal Information via Insufficient Default Configuration
Apr 24, 2025
CVSS 5.3
EPSS 0.00
CVE-2023-37534
HIGH
HCL Leap < 9.3.4 - Cross-Site Scripting via Query Parameter Injection
Apr 24, 2025
CVSS 7.1
EPSS 0.00
CVE-2023-50355
LOW
HCL Sametime < 12.0.2 - Sensitive Information Exposure via Error Messages
Oct 23, 2024
CVSS 3.6
EPSS 0.00
CVE-2023-37541
LOW
HCL Connections - Unauthorized Data Update via Broken Access Control
Jun 25, 2024
CVSS 3.5
EPSS 0.00
CVE-2023-37539
HIGH
HCL Domino - Stored Cross-Site Scripting in Catalog Template
Jun 06, 2024
CVSS 8.4
EPSS 0.00
CVE-2023-50347
LOW
HCL DRYiCE MyXalytics - SQL Injection
Apr 10, 2024
CVSS 3.7
EPSS 0.01
CVE-2023-45715
LOW
HCL BigFix Platform 9.5-9.5.23 - Denial of Service via Invalid File Name Characters
Mar 28, 2024
CVSS 3.5
EPSS 0.00
CVE-2023-45706
LOW
HCL BigFix Platform 9.5-9.5.24 - Authenticated Cross-Site Scripting via SAML Configuration
Mar 28, 2024
CVSS 2.0
EPSS 0.00
CVE-2023-45705
LOW
HCL BigFix Platform 10.0.0-10.0.10 - Authenticated Server-Side Request Forgery via SMTP Configuration
Mar 28, 2024
CVSS 3.5
EPSS 0.00
Products
bigfix_platform 33
dryice_myxalytics 31
aion 29
connections 22
domino 22
bigfix_service_management 18
unica 18
aftermarket_cloud 17
sametime 17
digital_experience 11
hcl_leap 11
notes 11
bigfix_mobile 10
bigfix_compliance 9
domino_leap 9
appscan 8
traveler_for_microsoft_outlook 8
bigfix_webui 7
hcl_inotes 7
bigfix_modern_client_management 6
dryice_iautomate 6
icontrol 6
traveler 6
bigfix_insights_for_vulnerability_remediation 5
dfxanalytics 5
intelliops_event_management 5
verse 5
bigfix_saas 4
dryice_aex 4
hcl_compass 4
Quick Filters