Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-50346
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints within the application disclose detailed file information.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
5.3
CVSSv3
CVE-2023-50348
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application returns detailed error messages that can provide an attacker with insight into the application, system, etc.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
7.5
CVSSv3
CVE-2023-50350
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
9.1
CVSSv3
CVE-2023-50351
HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an malicious user to compromise the confidentiality or integrity of data.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
6.1
CVSSv3
CVE-2020-14223
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). The vulnerability could be employed in a reflected or non-persistent XSS attack.
Hcltech Digital Experience 8.5
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
8.1
CVSSv3
CVE-2023-28008
HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Hcltech Workload Automation 9.5.0
Hcltech Workload Automation 10.1.0
Hcltech Workload Automation 9.4.0
8.1
CVSSv3
CVE-2023-28009
HCL Workload Automation is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Hcltech Workload Automation 9.5.0
Hcltech Workload Automation 10.1.0
Hcltech Workload Automation 9.4.0
9.8
CVSSv3
CVE-2021-27786
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the reque...
Hcltech Onetest Server 10.1
Hcltech Onetest Server 10.2
Hcltech Onetest Server 10.0
5.4
CVSSv3
CVE-2022-38653
In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded.
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
Hcltech Digital Experience 8.5
6.1
CVSSv3
CVE-2023-37538
HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
Hcltech Digital Experience 8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »