Vulnerabilities > Hcltech

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-30106 Unspecified vulnerability in Hcltech Connections 7.0/8.0
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data.
network
low complexity
hcltech
4.3
2024-10-23 CVE-2023-50355 Information Exposure Through an Error Message vulnerability in Hcltech Sametime 11.6/12.0/12.0.2
HCL Sametime is impacted by the error messages containing sensitive information.
network
low complexity
hcltech CWE-209
5.3
2024-10-23 CVE-2024-30122 Unspecified vulnerability in Hcltech Sametime 11.6/12.0/12.0.2
HCL Sametime is impacted by misconfigured security related HTTP headers.
network
low complexity
hcltech
5.3
2024-10-14 CVE-2024-30117 Uncontrolled Search Path Element vulnerability in Hcltech Bigfix Platform
A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances.
network
low complexity
hcltech CWE-427
5.3
2024-10-09 CVE-2024-30118 Unspecified vulnerability in Hcltech Connections 7.0/8.0
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data.
network
low complexity
hcltech
5.7
2024-09-27 CVE-2024-23586 Insufficient Session Expiration vulnerability in Hcltech HCL Nomad
HCL Nomad is susceptible to an insufficient session expiration vulnerability.
network
low complexity
hcltech CWE-613
7.5
2024-07-08 CVE-2024-23562 Unspecified vulnerability in Hcltech Domino 11.0/12.0/14.0
A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information.
network
low complexity
hcltech
7.5
2024-07-05 CVE-2024-23588 Unspecified vulnerability in Hcltech Nomad Server on Domino
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.
network
low complexity
hcltech
6.5
2024-06-06 CVE-2023-37539 Cross-site Scripting vulnerability in Hcltech Domino 11.0/12.0/14.0
The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability.
network
low complexity
hcltech CWE-79
5.4
2024-02-29 CVE-2023-37529 Cross-site Scripting vulnerability in Hcltech Bigfix Platform
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a webpage trying to retrieve cookie stored information.
network
low complexity
hcltech CWE-79
5.4