Vulnerabilities in HCL Software

334 results

CVE-2023-37538CRITICALHCL Digital Experience is susceptible to cross site scripting (XSS)EPSS 0.4%CVE-2023-37531LOWA cross-site scripting (XSS) vulnerability affects HCL BigFix PlatformEPSS 0.4%CVE-2025-31998LOWHCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive informationEPSS 0.4%CVE-2024-30143MEDIUMA path traversal vulnerability in HCL AppScan Traffic RecorderEPSS 0.4%CVE-2023-37527MEDIUMA cross-site scripting (XSS) vulnerability affects HCL BigFix PlatformEPSS 0.4%CVE-2023-45718LOWHCL Sametime is impacted by a failure to invalidate sessionsEPSS 0.4%CVE-2021-27778MEDIUMHCL Traveler is susceptible to a cross-site scripting vulnerability which could allow an attacker to execute a malicious script to access sensitive information.EPSS 0.4%CVE-2022-42447CRITICALCross-origin resource sharing vulnerability affects HCL CompassEPSS 0.4%CVE-2020-4083—HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a locaEPSS 0.3%CVE-2023-37511LOWHCL Traveler To Do is affected by App Transport Security (ATS) settings allowing insecure loads in web contentEPSS 0.3%CVE-2024-23557LOWHCL Connections is vulnerable to a user enumeration vulnerabilityEPSS 0.3%CVE-2021-27782MEDIUMHCL BigFix Mobile / Modern Client Management Server passwords are susceptible to a brute-force attackEPSS 0.3%CVE-2021-27783MEDIUMHCL BigFix Mobile / Modern Client Management is vulnerable to sensitive information exposureEPSS 0.3%CVE-2024-23588MEDIUMA denial of service vulnerability affects HCL Nomad server on DominoEPSS 0.3%CVE-2021-27774LOWAn injection vulnerability affects HCL Digital ExperienceEPSS 0.3%CVE-2025-59872MEDIUMHCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability,EPSS 0.3%CVE-2022-42452MEDIUMHCL Launch is vulnerable to HTML injection. HTML code is stored and included without being sanitized. This can lead to further attacks suchEPSS 0.3%CVE-2021-27761MEDIUMHCL BigFix Platform is affected by weak web transport securityEPSS 0.3%CVE-2023-37496HIGHHCL Verse is susceptible to a Stored Cross-Site Scripting (XSS) VulnerabilityEPSS 0.3%CVE-2023-37528MEDIUMA cross-site scripting (XSS) vulnerability affects HCL BigFix PlatformEPSS 0.3%

← previouspage 5 / 17next →