Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HCL Software — Vulnerabilities & Security Advisories 324

Browse all 324 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by HCL Software:DRYiCE MyXalyticsBigFix PlatformHCL LaunchHCL LeapConnectionsSametimeAIONHCL ConnectionsBigFix Patch Management Download Plug-insNomad server on DominoHCL SametimeBigFix ComplianceHCL Domino LeapiAutomateBigFix SaaS RemediateHCL BigFix PlatformHCL DevOps Deploy / HCL LaunchIEMDevOps Deploy / LaunchHCL Unica PlatformUnica PlatformBigFix Insights for Vulnerability RemediationDRYiCE Optibot Reset StationHCL MyXalyticsHCL CommerceHCL Digital ExperienceHCL TravelerHCL BigFix Mobile / Modern Client ManagementDRYiCE AEXUnica Centralized Offer Management
CVE IDTitleCVSSSeverityPublished
CVE-2024-30135 Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10 — DRYiCE AEXCWE-200 3.3 Low2024-06-28
CVE-2024-30111 Missing Root Detection vulnerability affects DRYiCE AEX v10 — DRYiCE AEXCWE-1326 3.3 Low2024-06-28
CVE-2024-30110 Lack of input validation vulnerability affects DRYiCE AEX v10 — DRYiCE AEXCWE-20 3.7 Low2024-06-28
CVE-2024-30109 Lack of Clickjacking Protection vulnerability affects DRYiCE AEX v10 — DRYiCE AEXCWE-1021 3.7 Low2024-06-28
CVE-2024-30112 HCL Connections is vulnerable to a cross-site scripting (XSS) vulnerability — Connections 5.4 Medium2024-06-25
CVE-2023-37541 HCL Connections is vulnerable to broken access control — Connections 3.5 Low2024-06-25
CVE-2024-30120 HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application — DRYiCE Optibot Reset StationCWE-563 2.9 Low2024-06-14
CVE-2024-30119 HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header — DRYiCE Optibot Reset StationCWE-522 3.7 Low2024-06-14
CVE-2023-45707 HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS) — Connections Docs 4.4 Medium2024-06-08
CVE-2023-37539 HCL Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability — Domino Server 8.4 High2024-06-06
CVE-2024-23580 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs) — DRYiCE Optibot Reset Station 6.5 Medium2024-05-28
CVE-2024-23579 HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions — DRYiCE Optibot Reset Station 6.5 Medium2024-05-28
CVE-2024-23556 HCL BigFix Platform is impacted by a failure to restrict SSL/TLS renegotiation — BigFix Platform 5.9 Medium2024-05-17
CVE-2024-23554 HCL BigFix Platform is susceptible to Cross-Site Request Forgery — BigFix PlatformCWE-352 5.7 Medium2024-05-17
CVE-2024-23583 HCL BigFix Platform is susceptible to insufficiently protected credentials — BigFix PlatformCWE-522 6.7 Medium2024-05-17
CVE-2024-23576 HCL Commerce is potentially affected by a denial of service and information disclosure vulnerability — Commerce 7.1 High2024-05-13
CVE-2023-37526 HCL DRYiCE Lucy v9 (now AEX) is affected by a Cross Origin Resource Sharing (CORS) Vulnerability — DRYiCE Lucy 6.5 Medium2024-05-10
CVE-2024-23551 HCL BigFix Compliance is potentially affected by Oracle database credentials stored at endpoint — BigFix ComplianceCWE-522 6.5 Medium2024-05-07
CVE-2024-30107 HCL Connections is vulnerable to broken access control — Connections 3.5 Low2024-04-18
CVE-2024-23557 HCL Connections is vulnerable to a user enumeration vulnerability — Connections 3.5 Low2024-04-18
CVE-2024-23558 HCL DevOps Deploy / HCL Launch does not invalidate all session authentication cookies after logout — DevOps Deploy / Launch 6.3 Medium2024-04-15
CVE-2024-23561 HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability — DevOps Deploy / Launch 4.3 Medium2024-04-15
CVE-2024-23560 HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom type — DevOps Deploy / Launch 4.4 Medium2024-04-15
CVE-2024-23559 HCL DevOps Deploy / Launch is generating an obsolete HTTP header — DevOps Deploy / Launch 6.1 Medium2024-04-15
CVE-2023-50347 Insecure SQL Interface affects HCL DRYiCE MyXalytics — DRYiCE MyXalytics 3.7 Low2024-04-10
CVE-2024-23584 HCL BigFix Asset Discovery is affected by a security vulnerability — BigFix Enterprise Suite Asset Discovery 6.6 Medium2024-04-08
CVE-2024-23540 HCL BigFix Inventory is vulnerable to path traversal — BigFix Inventory 5.3 Medium2024-04-03
CVE-2023-45715 HCL BigFix Platform is susceptible to a Denial of Service attack — BigFix Platform 3.5 Low2024-03-28
CVE-2023-45706 HCL BigFix Platform is susceptible to Cross Site Scripting (XSS) and/or Man in the Middle (MITM) attack — BigFix Platform 2.0 Low2024-03-28
CVE-2023-45705 HCL BigFix Platform is susceptible to Server Side Request Forgery (SSRF) — BigFix Platform 3.5 Low2024-03-28

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.