Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-27786
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the reque...
Hcltech Onetest Server 10.1
Hcltech Onetest Server 10.2
Hcltech Onetest Server 10.0
4
CVSSv2
CVE-2020-14221
HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.
Hcltech Digital Experience 8.5
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
NA
CVE-2023-45722
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly ne...
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
NA
CVE-2023-45723
HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability. Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
NA
CVE-2023-45724
HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application permits the upload of a certain file without requiring user authentication.
Hcltech Dryice Myxalytics 6.1
Hcltech Dryice Myxalytics 5.9
Hcltech Dryice Myxalytics 6.0
4.3
CVSSv2
CVE-2020-4081
In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS).
Hcltech Digital Experience 8.5
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
4
CVSSv2
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
Hcltech Bigfix Modern Client Management 2.0
Hcltech Bigfix Modern Client Management 2.1
Hcltech Bigfix Mobile 2.1
Hcltech Bigfix Mobile 2.0
10
CVSSv2
CVE-2020-14244
A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote malicious user to crash the server or inject code into the system wh...
Hcltech Domino
Hcltech Domino 10.0.1
NA
CVE-2022-38660
HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.
Hcltech Domino
Hcltech Domino 9.0.1
5
CVSSv2
CVE-2020-14234
HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected.
Hcltech Domino
Hcltech Domino 9.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »