Vulnerabilities > Hcltech > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-09 | CVE-2021-27786 | Incorrect Comparison vulnerability in Hcltech Onetest Server 10.0/10.1/10.2 Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. | 9.8 |
| 2022-05-25 | CVE-2021-27779 | Missing Encryption of Sensitive Data vulnerability in Hcltech Versionvault Express 2.0.1 VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. | 9.1 |
| 2022-05-06 | CVE-2021-27762 | Unspecified vulnerability in Hcltech Bigfix Platform Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses | 9.8 |
| 2020-12-18 | CVE-2020-14224 | Out-of-bounds Write vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-14 | CVE-2020-14268 | Out-of-bounds Write vulnerability in Hcltech Notes A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-14 | CVE-2020-14244 | Out-of-bounds Write vulnerability in Hcltech Domino A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. | 9.8 |
| 2020-12-02 | CVE-2020-14260 | Classic Buffer Overflow vulnerability in Hcltech Domino 10.0.0/11.0.0/9.0.1 HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. | 9.8 |
| 2020-06-11 | CVE-2020-4101 | Server-Side Request Forgery (SSRF) vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 "HCL Digital Experience is susceptible to Server Side Request Forgery." | 9.8 |
| 2020-04-07 | CVE-2019-4393 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hcltech Appscan 10.0.0/9.0.3.13/9.0.3.14 HCL AppScan Standard is vulnerable to excessive authorization attempts | 9.8 |
| 2020-02-14 | CVE-2019-4392 | Use of Hard-coded Credentials vulnerability in Hcltech Appscan 9.0.3.13 HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system. | 9.8 |