Vulnerabilities in HCL
88 resultsCVE-2025-31966LOWBoolean-Based SQL Injection in Multiple Unica ComponentsEPSS 0.2%CVE-2025-55263HIGHHCL Aftermarket DPC is affected by Hardcoded Sensitive DataEPSS 0.2%CVE-2025-52628MEDIUMHCL AION is susceptible to Missing SameSite vulnerabilityEPSS 0.2%CVE-2025-52624MEDIUMHCL AION is susceptible to Bypass of the script allow list configuration vulnerabilityEPSS 0.2%CVE-2025-55274LOWHCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerabilityEPSS 0.2%CVE-2025-52633LOWHCL AION is susceptible to Missing Content-Security-PolicyEPSS 0.2%CVE-2025-31973MEDIUMHCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'EPSS 0.2%CVE-2025-62313MEDIUMHCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced.EPSS 0.2%CVE-2025-55277LOWHCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerabilityEPSS 0.2%CVE-2025-31975LOWHCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.EPSS 0.2%CVE-2025-52655LOWHCL MyXalytics is affected by a Cross-Domain Script Include vulnerability.EPSS 0.2%CVE-2025-52606MEDIUMHCL iControl was affected by Weak Input Validation vulnerability. .EPSS 0.2%CVE-2025-59853LOWHCL DFXAnalytics is affected by an Improper Error Handling vulnerabilityEPSS 0.2%CVE-2025-52609LOWHCL iControl was affected by Missing Security Headers vulnerability.EPSS 0.2%CVE-2025-62320MEDIUMHTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica PlatformEPSS 0.2%CVE-2025-52611LOWHCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerabilityEPSS 0.2%CVE-2025-31985LOWHCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” headerEPSS 0.2%CVE-2025-52623LOWHCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerabilityEPSS 0.2%CVE-2024-42206LOWHCL iReflection Use of Third party vulnerable and outdated components issue was detected in the web application.EPSS 0.2%CVE-2025-31970MEDIUMHCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerabilityEPSS 0.1%