Vulnerabilities in HCL Software
334 resultsCVE-2024-42175LOWHCL MyXalytics is affected by a weak input validation vulnerabilityEPSS 0.3%CVE-2024-23554MEDIUMHCL BigFix Platform is susceptible to Cross-Site Request Forgery EPSS 0.3%CVE-2022-42453MEDIUMHCL BigFix Platform is affected by insufficient warningsEPSS 0.3%CVE-2024-42169HIGHHCL MyXalytics is affected by insecure direct object referencesEPSS 0.3%CVE-2024-30106LOWHCL Connections is vulnerable to an information disclosure vulnerabilityEPSS 0.3%CVE-2023-45706LOWHCL BigFix Platform is susceptible to Cross Site Scripting (XSS) and/or Man in the Middle (MITM) attackEPSS 0.3%CVE-2025-52619MEDIUMHCL BigFix SaaS Authentication Service is affected by a sensitive information disclosureEPSS 0.3%CVE-2025-0256MEDIUMHCL DevOps Deploy / HCL Launch is susceptible to a sensitive information disclosureEPSS 0.3%CVE-2024-30112MEDIUMHCL Connections is vulnerable to a cross-site scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-0278MEDIUMAn internal path disclosure vulnerability affects HCL TravelerEPSS 0.3%CVE-2025-0279MEDIUMHCL Traveler is affected by generation of error messages containing sensitive informationEPSS 0.3%CVE-2024-23553LOWA cross-site scripting (XSS) vulnerability affects HCL BigFix PlatformEPSS 0.3%CVE-2024-42207MEDIUMHCL iAutomate is affected by a session fixation vulnerabilityEPSS 0.3%CVE-2023-50345LOWOpen Redirect affects DRYiCE MyXalyticsEPSS 0.3%CVE-2024-30133MEDIUMHCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerabilityEPSS 0.3%CVE-2025-31953HIGHHCL iAutomate is affected by hardcoded credentialsEPSS 0.3%CVE-2024-42194LOWHCL BigFix Inventory is affected by an access control vulnerabilityEPSS 0.3%CVE-2023-28021MEDIUMBigFix WebUI is vulnerable to use of a risky cryptographic algorithm EPSS 0.3%CVE-2024-42213MEDIUMHCL BigFix Compliance is affected by inclusion of temporary files left in the production environmentEPSS 0.3%CVE-2023-45720MEDIUMHCL Leap is affected by a disclosure of private personal information vulnerabilityEPSS 0.3%