Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2022-44757
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.
Hcltech Bigfix Insights For Vulnerability Remediation
5.3
CVSSv3
CVE-2022-44758
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.
Hcltech Bigfix Insights For Vulnerability Remediation
8.8
CVSSv3
CVE-2023-37536
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote malicious users to cause out-of-bound access via HTTP request.
Hcltech Bigfix Platform
Apache Xerces-c\\+\\+ 3.2.3
Fedoraproject Fedora 37
4.4
CVSSv3
CVE-2022-42451
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.
Hcltech Bigfix Patch Management
5.3
CVSSv3
CVE-2023-28010
In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks.
Hcltech Domino 12.0.2
4.3
CVSSv3
CVE-2023-37511
If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved.
Hcltech Traveler To Do
5.5
CVSSv3
CVE-2023-37512
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.
Hcltech Traveler Companion
5.5
CVSSv3
CVE-2023-37513
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.
Hcltech Traveler To Do
7.1
CVSSv3
CVE-2023-23342
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
Hcltech Hcl Nomad
7.1
CVSSv3
CVE-2023-23347
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
Hcltech Dryice Iautomate 6.0
Hcltech Dryice Iautomate 6.1
Hcltech Dryice Iautomate 6.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »