HCL Software — Vulnerabilities & Security Advisories 324

Browse all 324 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-52614 | HCL Unica Platform is affected by a Cookie without HTTPOnly Flag Set vulnerability | Unica Platform | CWE-614 | 3.5 | Low | 2025-10-12 |
| CVE-2025-31969 | HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP) | Unica Platform | CWE-358 | 4.0 | Medium | 2025-10-12 |
| CVE-2025-31992 | HCL MaxAI Assistant is susceptible to a HTML injection vulnerability | MaxAI Assistant | CWE-80 | 4.6 | Medium | 2025-10-12 |
| CVE-2025-52616 | HCL Unica 12.1.10 is affected by an exposure of sensitive information | Unica | CWE-497 | 5.3 | Medium | 2025-10-12 |
| CVE-2025-31998 | HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information | Unica Centralized Offer Management | CWE-703 | 3.5 | Low | 2025-10-12 |
| CVE-2025-31997 | HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR) | Unica Centralized Offer Management | CWE-639 | 4.2 | Medium | 2025-10-12 |
| CVE-2025-31993 | HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery (SSRF) | Unica Centralized Offer Management | CWE-918 | 3.5 | Low | 2025-10-12 |
| CVE-2025-52647 | HCL BigFix WebUI is affected by a host header poisoning vulnerability | BigFix WebUI | CWE-644 | 6.1 | Medium | 2025-10-10 |
| CVE-2025-52658 | HCL MyXalytics is affected by the use of vulnerable/outdated versions | MyXalytics | CWE-1104 | 3.5 | Low | 2025-10-03 |
| CVE-2025-52654 | HCL MyXalytics is affected by an HTML Injection | HCL MyXalytics | CWE-80 | 4.6 | Medium | 2025-10-03 |
| CVE-2025-0280 | HCL Compass is affected by a security vulnerability | Compass | CWE-257 | 7.5 | High | 2025-09-03 |
| CVE-2025-31971 | AIML Solutions for HCL SX is susceptible to a URL validation vulnerability | AIML Solutions for SX | CWE-425 | 5.1 | Medium | 2025-08-28 |
| CVE-2025-31979 | A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix Service Management (SM) | BigFix Service Management (SM) | CWE-434 | 5.4 | Medium | 2025-08-28 |
| CVE-2025-31977 | A cryptographic weakness has been identified in the HCL BigFix Service Management (SM) | BigFix Service Management (SM) | CWE-311 | 5.3 | Medium | 2025-08-28 |
| CVE-2025-31972 | HCL BigFix Service Management (SM) is affected by a Sensitive Information Exposure vulnerability | BigFix Service Management (SM) | CWE-319 | 6.5 | Medium | 2025-08-28 |
| CVE-2025-31988 | HCL Digital Experience is susceptible to cross site scripting (XSS) | Digital Experience | CWE-79 | 4.9 | Medium | 2025-08-19 |
| CVE-2025-52618 | HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability | BigFix SaaS Remediate | CWE-89 | 4.3 | Medium | 2025-08-15 |
| CVE-2025-52619 | HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure | BigFix SaaS Remediate | CWE-209 | 5.3 | Medium | 2025-08-15 |
| CVE-2025-52620 | HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability | BigFix SaaS Remediate | CWE-20 | 4.3 | Medium | 2025-08-15 |
| CVE-2025-52621 | HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning | BigFix SaaS Remediate | CWE-346 | 5.3 | Medium | 2025-08-15 |
| CVE-2025-31961 | HCL Connections is vulnerable to broken access control | Connections | CWE-1220 | 3.7 | Low | 2025-08-15 |
| CVE-2025-31987 | HCL Connections Docs is vulnerable to a Denial of Service (DoS) attack | Connections Docs | CWE-405 | 4.8 | Medium | 2025-08-14 |
| CVE-2025-31965 | HCL BigFix Remote Control is affected by an authorization bypass vulnerability | BigFix Remote Control | CWE-305 | 8.2 | High | 2025-07-29 |
| CVE-2025-0253 | HCL IEM is affected by a cookie attribute not set vulnerability | IEM | CWE-384 | 2.0 | Low | 2025-07-25 |
| CVE-2025-0252 | HCL IEM is affected by a password in cleartext vulnerability | IEM | CWE-319 | 2.6 | Low | 2025-07-25 |
| CVE-2025-0251 | HCL IEM is affected by a concurrent login vulnerability | IEM | CWE-384 | 2.6 | Low | 2025-07-25 |
| CVE-2025-0250 | HCL IEM is affected by an authorization token sent in cookie vulnerability | IEM | CWE-319 | 2.2 | Low | 2025-07-24 |
| CVE-2025-0249 | HCL IEM is affected by an improper invalidation of access or JWT token vulnerability | IEM | CWE-287 | 3.3 | Low | 2025-07-24 |
| CVE-2025-31952 | HCL iAutomate is affected by an insufficient session expiration | iAutomate | CWE-613 | 7.1 | High | 2025-07-24 |
| CVE-2025-31955 | HCL iAutomate is affected by a sensitive data exposure vulnerability | iAutomate | CWE-200 | 7.6 | High | 2025-07-24 |

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.