Vulnerabilities > Hcltech > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2020-14255 | Unspecified vulnerability in Hcltech Digital Experience 9.5 HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. | 7.5 |
| 2020-12-28 | CVE-2020-14273 | Improper Input Validation vulnerability in Hcltech Domino 10.0.1/11.0.0/11.0.1 HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. | 7.5 |
| 2020-12-18 | CVE-2020-14232 | Unspecified vulnerability in Hcltech Notes 9.0/9.0.1 A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. | 8.8 |
| 2020-12-16 | CVE-2020-14254 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Bigfix Platform TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. | 7.5 |
| 2020-11-21 | CVE-2020-14258 | Improper Input Validation vulnerability in Hcltech Notes 10.0/11.0/9.0 HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. | 7.5 |
| 2020-11-21 | CVE-2020-14234 | Improper Input Validation vulnerability in Hcltech Domino 10.0.0/9.0/9.0.1 HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. | 7.5 |
| 2020-11-21 | CVE-2020-14230 | Improper Input Validation vulnerability in Hcltech Domino HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. | 7.5 |
| 2020-10-06 | CVE-2019-4326 | Improper Encoding or Escaping of Output vulnerability in Hcltech Appscan 10.0.0/9.0.3.14 "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | 7.5 |
| 2020-04-21 | CVE-2019-4327 | Use of Hard-coded Credentials vulnerability in Hcltech Appscan 9.0.3.14 "HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | 7.5 |
| 2020-04-07 | CVE-2019-4391 | XXE vulnerability in Hcltech Appscan 9.0.3.13/9.0.3.14 HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data | 8.2 |