HCLSoftware — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting HCLSoftware. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-31981 | HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption | BigFix Service Management (SM) | CWE-319 | 5.3 | Medium | 2026-04-21 |
| CVE-2025-31958 | HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling | BigFix Service Management (SM) | CWE-444 | 3.7 | Low | 2026-04-21 |
| CVE-2025-31991 | HCL DevOps Velocity is susceptible to brute-force attacks | Velocity | CWE-307 | 6.8 | Medium | 2026-04-13 |
| CVE-2026-21767 | HCL BigFix Platform is affected by insufficient authentication | BigFix Platform | CWE-306 | 4.0 | Medium | 2026-04-01 |
| CVE-2026-21765 | HCL BigFix Platform is affected by insecure permissions on private cryptographic keys | BigFix Platform | CWE-732 | 8.8 | High | 2026-04-01 |
| CVE-2026-21790 | HCL Traveler is susceptible to a weak default HTTP header validation vulnerability | Traveler | CWE-346 | 6.3 | Medium | 2026-03-24 |
| CVE-2026-21783 | HCL Traveler is affected by sensitive information disclosure | Traveler | CWE-209 | 4.3 | Medium | 2026-03-24 |
| CVE-2026-21788 | HCL Connections is vulnerable to cross-site scripting (XSS) | Connections | CWE-79 | 5.4 | Medium | 2026-03-19 |
| CVE-2024-42210 | HCL Unica Marketing Operations v12.1.8 and lower is affected by a Stored cross-site scripting (XSS) vulnerability | Unica Marketing Operations (Plan) | CWE-79 | 7.6 | High | 2026-03-19 |
| CVE-2025-62328 | HCL Nomad server on Domino is affected by a missing default frame-ancestors directive | Nomad server on Domino | CWE-1021 | 3.7 | Low | 2026-03-11 |
| CVE-2026-21786 | HCL Sametime for iOS is affected by sensitive information disclosure | Sametime for iOS | CWE-532 | 3.3 | Low | 2026-03-05 |
| CVE-2025-62326 | HCL Digital Experience is susceptible to stored cross-site scripting (XSS) | Digital Experience | CWE-79 | 6.1 | Medium | 2026-02-20 |
| CVE-2025-52603 | HCL Connections is vulnerable to information disclosure | Connections | CWE-213 | 3.5 | Low | 2026-02-20 |
| CVE-2025-31990 | HCL DevOps Velocity is susceptible to a Denial of Service vulnerability | HCL DevOps Velocity | CWE-770 | 6.8 | Medium | 2026-02-07 |
| CVE-2023-37525 | HCL BigFix Compliance is vulnerable to a sensitive information disclosure | BigFix Compliance | CWE-497 | 5.3 | Medium | 2026-01-28 |
| CVE-2025-62327 | HCL DevOps Deploy is susceptible to insufficiently protected credentials | DevOps Deploy | CWE-522 | 4.9 | Medium | 2026-01-07 |
| CVE-2025-31964 | HCL BigFix IVR is impacted by an improper service binding configuration | BigFix IVR | CWE-200 | 2.2 | Low | 2026-01-07 |
| CVE-2025-31963 | HCL BigFix IVR is impacted by improper authentication and missing CSRF protection | BigFix IVR | CWE-306 | 2.9 | Low | 2026-01-07 |
| CVE-2025-31962 | HCL BigFix IVR is impacted by an insufficient session expiration vulnerability | BigFix IVR | CWE-613 | 2.0 | Low | 2026-01-07 |

This page lists every published CVE security advisory associated with HCLSoftware. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.