Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-08 | CVE-2024-23562 | Unspecified vulnerability in Hcltech Domino 11.0/12.0/14.0 A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. | 7.5 |
| 2024-07-05 | CVE-2024-23588 | Unspecified vulnerability in Hcltech Nomad Server on Domino HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability. | 6.5 |
| 2024-06-06 | CVE-2023-37539 | Cross-site Scripting vulnerability in Hcltech Domino 11.0/12.0/14.0 The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. | 5.4 |
| 2024-04-10 | CVE-2023-50347 | Unspecified vulnerability in Hcltech Dryice Myxalytics HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving an attacker the ability to execute custom SQL queries. | 9.8 |
| 2024-03-28 | CVE-2023-45705 | Server-Side Request Forgery (SSRF) vulnerability in Hcltech Bigfix Platform An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options. | 7.2 |
| 2024-02-29 | CVE-2023-37529 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a webpage trying to retrieve cookie stored information. | 5.4 |
| 2024-02-29 | CVE-2023-37530 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a webpage trying to retrieve cookie stored information. | 5.4 |
| 2024-02-29 | CVE-2023-37531 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a form field of a webpage by a user with privileged access. | 4.8 |
| 2024-02-12 | CVE-2023-28018 | Unspecified vulnerability in Hcltech Connections 6.5/7.0/8.0 HCL Connections is vulnerable to a denial of service, caused by improper validation on certain requests. | 6.5 |
| 2024-02-10 | CVE-2023-45698 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime Chat and Meetings Sametime is impacted by lack of clickjacking protection in Outlook add-in. | 6.1 |