Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-21 | CVE-2020-14225 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. | 6.5 |
| 2020-12-18 | CVE-2020-14271 | Cross-site Scripting vulnerability in Hcltech HCL Inotes HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-14224 | Out-of-bounds Write vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-18 | CVE-2020-4080 | Cross-site Scripting vulnerability in Hcltech Domino HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-14232 | Unspecified vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. | 8.8 |
| 2020-12-16 | CVE-2020-14254 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Bigfix Platform TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. | 7.5 |
| 2020-12-16 | CVE-2020-14248 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Bigfix Platform BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | 5.3 |
| 2020-12-14 | CVE-2020-14268 | Out-of-bounds Write vulnerability in Hcltech Notes A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-14 | CVE-2020-14244 | Out-of-bounds Write vulnerability in Hcltech Domino A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-02 | CVE-2020-4102 | Classic Buffer Overflow vulnerability in Hcltech Notes HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. | 6.7 |