CVE-2023-37532 | HCL Commerce
HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system. This CVE has a… Read More »CVE-2023-37532 | HCL Commerce
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts. This CVE has a… Read More »CVE-2023-37503 | HCL Compass
HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server… Read More »CVE-2023-37502 | HCL Compass
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker… Read More »CVE-2023-37537 | HCL AppScan Presence
HCL Digital Experience is susceptible to cross-site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a… Read More »CVE-2023-37538 | Digital Experience
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. This CVE has a CVSS3.1 score of… Read More »CVE-2023-37536 | BigFix Platform
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized. This CVE… Read More »CVE-2022-44758 | BigFix Insights for Vulnerability Remediation
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data… Read More »CVE-2022-44757 | BigFix Insights for Vulnerability Remediation
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user. This CVE has a… Read More »CVE-2022-42451 | BigFix Patch Management
In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks. This CVE has a… Read More »CVE-2023-28010 | HCL Domino Server
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which… Read More »CVE-2023-37513 | HCL Traveler To Do
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which… Read More »CVE-2023-37512 | HCL Traveler Companion
If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved. This CVE has a… Read More »CVE-2023-37511 | HCL Traveler To Do
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. This CVE has a CVSS3.1… Read More »CVE-2023-23342 | HCL Nomad for web
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.… Read More »CVE-2023-23347 | HCL DRYiCE iAutomate