Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HCL Software — Vulnerabilities & Security Advisories 324

Browse all 324 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by HCL Software:DRYiCE MyXalyticsBigFix PlatformHCL LaunchHCL LeapConnectionsSametimeAIONHCL ConnectionsBigFix Patch Management Download Plug-insNomad server on DominoHCL SametimeBigFix ComplianceHCL Domino LeapiAutomateBigFix SaaS RemediateHCL BigFix PlatformHCL DevOps Deploy / HCL LaunchIEMDevOps Deploy / LaunchHCL Unica PlatformUnica PlatformBigFix Insights for Vulnerability RemediationDRYiCE Optibot Reset StationHCL MyXalyticsHCL CommerceHCL Digital ExperienceHCL TravelerHCL BigFix Mobile / Modern Client ManagementDRYiCE AEXUnica Centralized Offer Management
CVE IDTitleCVSSSeverityPublished
CVE-2022-44750 HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. — Domino 9.8 Critical2022-12-17
CVE-2022-44755 HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView — Notes 9.8 Critical2022-12-17
CVE-2022-44753 HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView — Notes 9.8 Critical2022-12-17
CVE-2022-44751 HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView — Notes 9.8 Critical2022-12-17
CVE-2022-38653 HCL Digital Experience is susceptible to cross-site scripting (XSS) — HCL Digital Experience 2.0 Low2022-12-15
CVE-2022-38662 HCL Digital Experience is susceptible to open redirects — HCL Digital Experience 6.1 Medium2022-12-15
CVE-2022-42446 HCL Sametime 12.0 and 12.0FP1 anonymous users have directory lookup access — HCL Sametime 6.5 Medium2022-11-30
CVE-2022-42445 HCL Launch is vulnerable to Insufficiently Protected LDAP Search Credentials (CVE-2022-42445) — HCL Launch 4.9 Medium2022-11-28
CVE-2022-38656 HCL Commerce, when using Elasticsearch, could be affected by a denial of service vulnerability — HCL Commerce 8.6 High2022-11-04
CVE-2022-38661 HCL Workload Automation is affected by a vulnerability in Jlog component of the Master Domain Manager — HCL Workload Automation 6.2 Medium2022-11-04
CVE-2022-38654 HCL Domino is susceptible to an information disclosure vulnerability — HCL DominoCWE-200 5.5 Medium2022-11-04
CVE-2022-38660 HCL XPages applications are susceptible to Cross Site Request Forgery (CSRF) vulnerability — HCL DominoCWE-352 8.3 High2022-11-04
CVE-2020-4099 HCL Verse for Android is susceptible to an APK signing key check vulnerability — HCL Verse for AndroidCWE-326 5.9 Medium2022-11-01
CVE-2021-27784 HCL Launch container images may contain non-unique https certificates and database encryption key — HCL LaunchCWE-327 5.9 Medium2022-10-31
CVE-2021-27774 An injection vulnerability affects HCL Digital Experience — HCL Digital ExperienceCWE-209 3.1 Low2022-09-22
CVE-2022-27561 HCL Traveler is susceptible to a Reflected Cross-Site Scripting vulnerability in the web admin (LotusTraveler.nsf) — HCL TravelerCWE-79 7.5 High2022-09-15
CVE-2022-27563 Overload/denial of service affects HCL VersionVault Express — HCL VersionVault ExpressCWE-754 7.5 High2022-08-30
CVE-2022-27560 An insufficiently protected credential vulnerability affects HCL VersionVault Express — HCL VersionVault ExpressCWE-522 6.0 Medium2022-08-30
CVE-2022-27558 HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. — HCL iNotesCWE-521 5.9 Medium2022-08-29
CVE-2022-27547 HCL iNotes is susceptible to a link to non-existent domain vulnerability. — HCL iNotesCWE-601 6.1 Medium2022-08-29
CVE-2022-27546 HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability — HCL iNotesCWE-79 8.3 High2022-08-29
CVE-2022-27551 HCL Launch could allow an authenticated user to obtain sensitive information (CVE-2022-27551) — HCL LaunchCWE-863 5.3 Medium2022-08-03
CVE-2021-27785 HCL Commerce could allow a local attacker to obtain sensitive personal information (CVE-2021-27785) — HCL CommerceCWE-522 3.9 Low2022-07-29
CVE-2022-27545 HCL BigFix Web Reports authorized users may perform HTML injection. — HCL BigFixCWE-79 4.6 Medium2022-07-19
CVE-2022-27544 HCL BigFix Web Reports authorized users may see sensitive information in clear text — HCL BigFixCWE-522 5.0 Medium2022-07-19
CVE-2022-27549 HCL Launch could disclose sensitive database information to a local user in plain text. — HCL LaunchCWE-532 4.0 Medium2022-07-06
CVE-2022-27548 HCL Launch is vulnerable to information disclosure which can be read by a local user. — HCL LaunchCWE-256 4.9 Medium2022-07-06
CVE-2021-27786 HCL OneTest Server is vulnerable to Cross Origin Resource Sharing: Arbitrary Origin Trusted — HCL OneTest ServerCWE-942 4.6 Medium2022-06-07
CVE-2021-27778 HCL Traveler is susceptible to a cross-site scripting vulnerability which could allow an attacker to execute a malicious script to access sensitive information. — HCL TravelerCWE-79 4.9 Medium2022-05-31
CVE-2021-27781 HCL BigFix Mobile / Modern Client Management is vulnerable to stored cross-site scripting — HCL BigFix Mobile / Modern Client ManagementCWE-79 6.6 Medium2022-05-27

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.