Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HCL Software — Vulnerabilities & Security Advisories 324

Browse all 324 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by HCL Software:DRYiCE MyXalyticsBigFix PlatformHCL LaunchHCL LeapConnectionsSametimeAIONHCL ConnectionsBigFix Patch Management Download Plug-insNomad server on DominoHCL SametimeBigFix ComplianceHCL Domino LeapiAutomateBigFix SaaS RemediateHCL BigFix PlatformHCL DevOps Deploy / HCL LaunchIEMDevOps Deploy / LaunchHCL Unica PlatformUnica PlatformBigFix Insights for Vulnerability RemediationDRYiCE Optibot Reset StationHCL MyXalyticsHCL CommerceHCL Digital ExperienceHCL TravelerHCL BigFix Mobile / Modern Client ManagementDRYiCE AEXUnica Centralized Offer Management
CVE IDTitleCVSSSeverityPublished
CVE-2024-42189 HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack — HCL BigFix PlatformCWE-1287 7.5AIHighAI2025-04-15
CVE-2024-42200 HCL BigFix Web Reports is potentially susceptible to a Stored Cross-Site Scripting (XSS) attack — HCL BigFix PlatformCWE-79 5.4AIMediumAI2025-04-15
CVE-2024-42208 HCL Connections is vulnerable to an information disclosure vulnerability — HCL ConnectionsCWE-200 3.5 Low2025-04-04
CVE-2025-0278 An internal path disclosure vulnerability affects HCL Traveler — HCL TravelerCWE-497 4.3 Medium2025-04-03
CVE-2025-0279 HCL Traveler is affected by generation of error messages containing sensitive information — HCL TravelerCWE-209 4.3 Medium2025-04-03
CVE-2025-0272 HCL DevOps Deploy / HCL Launch is susceptible to an HTML injection vulnerability — HCL DevOps Deploy / HCL LaunchCWE-80 5.4 Medium2025-04-03
CVE-2025-0257 HCL DevOps Deploy / HCL Launch is susceptible to unauthorized access to other services — HCL DevOps Deploy / HCL LaunchCWE-306 6.3 Medium2025-04-02
CVE-2025-0273 HCL DevOps Deploy / HCL Launch is susceptible to Insertion of Sensitive Information into Log File vulnerability — HCL DevOps Deploy / HCL LaunchCWE-532 5.5 Medium2025-03-27
CVE-2024-30155 HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability — HCL SXCWE-1275 5.5 Medium2025-03-26
CVE-2025-0255 HCL DevOps Deploy / HCL Launch is susceptible to command injection vulnerability — HCL DevOps Deploy / HCL LaunchCWE-78 7.2 High2025-03-24
CVE-2025-0256 HCL DevOps Deploy / HCL Launch is susceptible to a sensitive information disclosure — HCL DevOps Deploy / HCL LaunchCWE-306 4.3 Medium2025-03-24
CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. — HCL Digital ExperienceCWE-295 5.9 Medium2025-03-20
CVE-2024-42176 HCL MyXalytics is affected by concurrent login vulnerability — HCL MyXalytics 2.6 Low2025-03-19
CVE-2024-30143 A path traversal vulnerability in HCL AppScan Traffic Recorder — HCL AppScan Traffic RecorderCWE-22 4.3 Medium2025-03-13
CVE-2024-30154 HCL SX is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability — HCL SX 5.3 Medium2025-03-03
CVE-2024-30150 An unauthenticated privilege escalation vulnerability affects HCL MyCloud — MyCloudCWE-269 5.3 Medium2025-02-25
CVE-2024-23563 HCL Connections Docs is vulnerable to a sensitive information disclosure — Connections DocsCWE-200 3.9 Low2025-02-12
CVE-2024-42207 HCL iAutomate is affected by a session fixation vulnerability — iAutomateCWE-384 5.5 Medium2025-02-05
CVE-2024-42187 HCL BigFix Patch Download Plug-ins are affected by path traversal vulnerability — BigFix Patch Management Download Plug-insCWE-22 5.3 Medium2025-01-23
CVE-2024-42186 HCL BigFix Patch Download Plug-ins are affected by an insecure protocol support — BigFix Patch Management Download Plug-insCWE-295 2.8 Low2025-01-23
CVE-2024-42185 HCL BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks — BigFix Patch Management Download Plug-insCWE-611 2.5 Low2025-01-23
CVE-2024-42184 HCL BigFix Patch Download Plug-ins are affected by insecure support for file URI scheme — BigFix Patch Management Download Plug-insCWE-84 2.5 Low2025-01-23
CVE-2024-42183 HCL BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability — BigFix Patch Management Download Plug-insCWE-494 2.5 Low2025-01-23
CVE-2024-42182 HCL BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability — BigFix Patch Management Download Plug-insCWE-918 2.5 Low2025-01-23
CVE-2024-42181 HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability — DRYiCE MyXalyticsCWE-319 1.6 Low2025-01-12
CVE-2024-42180 HCL MyXalytics is affected by a malicious file upload vulnerability — DRYiCE MyXalyticsCWE-434 1.6 Low2025-01-12
CVE-2024-42179 HCL MyXalytics is affected by sensitive information disclosure vulnerability — DRYiCE MyXalyticsCWE-200 2.0 Low2025-01-12
CVE-2024-42175 HCL MyXalytics is affected by a weak input validation vulnerability — DRYiCE MyXalyticsCWE-20 2.6 Low2025-01-11
CVE-2024-42174 HCL MyXalytics is affected by username enumeration vulnerability — DRYiCE MyXalyticsCWE-204 3.7 Low2025-01-11
CVE-2024-42173 HCL MyXalytics is affected by an improper password policy implementation vulnerability — DRYiCE MyXalyticsCWE-521 4.8 Medium2025-01-11

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.