Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-22 | CVE-2020-14270 | Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. | 5.3 |
| 2020-12-21 | CVE-2020-14225 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. | 6.5 |
| 2020-12-18 | CVE-2020-14271 | Cross-site Scripting vulnerability in Hcltech HCL Inotes HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-14224 | Out-of-bounds Write vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-18 | CVE-2020-4080 | Cross-site Scripting vulnerability in Hcltech Domino HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. | 6.1 |
| 2020-12-18 | CVE-2020-14232 | Unspecified vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. | 8.8 |
| 2020-12-16 | CVE-2020-14254 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Bigfix Platform TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. | 7.5 |
| 2020-12-16 | CVE-2020-14248 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Bigfix Platform BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | 5.3 |
| 2020-12-14 | CVE-2020-14268 | Out-of-bounds Write vulnerability in Hcltech Notes A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-14 | CVE-2020-14244 | Out-of-bounds Write vulnerability in Hcltech Domino A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |