Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-45722
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly ne...
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
9.8
CVSSv3
CVE-2023-45723
HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability. Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
9.8
CVSSv3
CVE-2023-45724
HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application permits the upload of a certain file without requiring user authentication.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
9.8
CVSSv3
CVE-2023-37503
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts.
Hcltech Hcl Compass
Hcltech Hcl Compass 2.1.0
9.8
CVSSv3
CVE-2021-27786
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the reque...
Hcltech Onetest Server 10.1
Hcltech Onetest Server 10.2
Hcltech Onetest Server 10.0
9.8
CVSSv3
CVE-2021-27762
Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses
Hcltech Bigfix Platform
9.8
CVSSv3
CVE-2020-14224
A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the Notes application or inject code into the system which...
Hcltech Notes 9.0
Hcltech Notes 9.0.1
9.8
CVSSv3
CVE-2020-14268
A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the client or inject code into the system whi...
Hcltech Notes 9.0.1
Hcltech Notes 10.0.1
Hcltech Notes
9.8
CVSSv3
CVE-2020-14244
A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the server or inject code into the system wh...
Hcltech Domino 10.0.1
Hcltech Domino
9.8
CVSSv3
CVE-2020-14260
HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an malicious user to crash Domino or execute attacker-controlled code on the server system.
Hcltech Domino
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »