Filtered by vendor Hcltech
Subscribe
Total
404 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30152 | 1 Hcltech | 1 Hcl Sx | 2026-06-17 | N/A | 6.5 MEDIUM |
| HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts. | |||||
| CVE-2024-30150 | 1 Hcltech | 1 Dryice Mycloud | 2026-06-17 | N/A | 5.3 MEDIUM |
| HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticated users. | |||||
| CVE-2024-30149 | 1 Hcltech | 1 Appscan Source | 2026-06-17 | N/A | 4.8 MEDIUM |
| HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable. | |||||
| CVE-2024-30148 | 1 Hcltech | 1 Hcl Leap | 2026-06-17 | N/A | 4.1 MEDIUM |
| Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem. | |||||
| CVE-2024-30147 | 1 Hcltech | 1 Hcl Leap | 2026-06-17 | N/A | 6.5 MEDIUM |
| Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications. | |||||
| CVE-2024-30146 | 1 Hcltech | 1 Domino Leap | 2026-06-17 | N/A | 4.1 MEDIUM |
| Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem. | |||||
| CVE-2024-30145 | 1 Hcltech | 1 Domino Leap | 2026-06-17 | N/A | 6.5 MEDIUM |
| Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications. | |||||
| CVE-2024-30142 | 1 Hcltech | 1 Bigfix Compliance | 2026-06-17 | N/A | 3.8 LOW |
| HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel. | |||||
| CVE-2024-30141 | 1 Hcltech | 1 Bigfix Compliance | 2026-06-17 | N/A | 4.7 MEDIUM |
| HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information. Detailed error messages can provide enticement information or expose information about its environment, users, or associated data. | |||||
| CVE-2024-30140 | 1 Hcltech | 1 Bigfix Compliance | 2026-06-17 | N/A | 5.4 MEDIUM |
| HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page. | |||||
| CVE-2024-30135 | 1 Hcltech | 1 Dryice Aex | 2026-06-17 | N/A | 3.3 LOW |
| HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken. | |||||
| CVE-2024-30134 | 1 Hcltech | 1 Traveler For Microsoft Outlook | 2026-06-17 | N/A | 6.7 MEDIUM |
| The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application. | |||||
| CVE-2024-30133 | 1 Hcltech | 1 Traveler For Microsoft Outlook | 2026-06-17 | N/A | 5.3 MEDIUM |
| HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways. | |||||
| CVE-2024-30132 | 1 Hcltech | 1 Nomad Server On Domino | 2026-06-17 | N/A | 3.7 LOW |
| HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors. | |||||
| CVE-2024-30130 | 1 Hcltech | 1 Nomad Server On Domino | 2026-06-17 | N/A | 3.7 LOW |
| HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information. | |||||
| CVE-2024-30128 | 1 Hcltech | 1 Nomad Server On Domino | 2026-06-17 | N/A | 8.6 HIGH |
| HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information. | |||||
| CVE-2024-30127 | 1 Hcltech | 1 Hcl Leap | 2026-06-17 | N/A | 3.2 LOW |
| Missing "no cache" headers in HCL Leap permits sensitive data to be cached. | |||||
| CVE-2024-30126 | 1 Hcltech | 1 Bigfix Compliance | 2026-06-17 | N/A | 4.7 MEDIUM |
| HCL BigFix Compliance is affected by a missing X-Frame-Options HTTP header which can allow an attacker to create a malicious website that embeds the target website in a frame or iframe, tricking users into performing actions on the target website without their knowledge. | |||||
| CVE-2024-30125 | 1 Hcltech | 1 Bigfix Compliance | 2026-06-17 | N/A | 6.2 MEDIUM |
| HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die. | |||||
| CVE-2024-30124 | 1 Hcltech | 1 Sametime | 2026-06-17 | N/A | 4.0 MEDIUM |
| HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously. | |||||