Filtered by vendor Hcltech
Subscribe
Total
306 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-51736 | 1 Hcltech | 1 Unica | 2025-12-02 | N/A | 6.3 MEDIUM |
| File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0. | |||||
| CVE-2025-51735 | 1 Hcltech | 1 Unica | 2025-12-02 | N/A | 7.5 HIGH |
| CSV formula injection vulnerability in HCL Technologies Ltd. Unica 12.0.0. | |||||
| CVE-2025-51734 | 1 Hcltech | 1 Unica | 2025-12-02 | N/A | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0. | |||||
| CVE-2025-51733 | 1 Hcltech | 1 Unica | 2025-12-02 | N/A | 5.5 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0. | |||||
| CVE-2024-23563 | 1 Hcltech | 1 Connections Docs | 2025-11-25 | N/A | 3.9 LOW |
| HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data. | |||||
| CVE-2025-31987 | 1 Hcltech | 1 Connections Docs | 2025-11-21 | N/A | 4.8 MEDIUM |
| HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion. | |||||
| CVE-2025-52639 | 1 Hcltech | 1 Connections | 2025-11-20 | N/A | 3.5 LOW |
| HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data. | |||||
| CVE-2024-30127 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 3.2 LOW |
| Missing "no cache" headers in HCL Leap permits sensitive data to be cached. | |||||
| CVE-2022-44759 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 4.6 MEDIUM |
| Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications. | |||||
| CVE-2023-37516 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 3.2 LOW |
| Missing "no cache" headers in HCL Leap permits user directory information to be cached. | |||||
| CVE-2022-44760 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 4.6 MEDIUM |
| Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications. | |||||
| CVE-2024-30147 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 6.5 MEDIUM |
| Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications. | |||||
| CVE-2024-30114 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 3.7 LOW |
| Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment. | |||||
| CVE-2024-30113 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 6.3 MEDIUM |
| Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget. | |||||
| CVE-2023-45720 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 5.3 MEDIUM |
| Insufficient default configuration in HCL Leap allows anonymous access to directory information. | |||||
| CVE-2023-37534 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 7.1 HIGH |
| Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters. | |||||
| CVE-2024-30148 | 1 Hcltech | 1 Hcl Leap | 2025-11-17 | N/A | 4.1 MEDIUM |
| Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem. | |||||
| CVE-2025-31954 | 1 Hcltech | 1 Dryice Iautomate | 2025-11-07 | N/A | 5.4 MEDIUM |
| HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see. | |||||
| CVE-2024-30145 | 1 Hcltech | 1 Domino Leap | 2025-11-07 | N/A | 6.5 MEDIUM |
| Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications. | |||||
| CVE-2023-45721 | 1 Hcltech | 1 Domino Leap | 2025-11-04 | N/A | 5.3 MEDIUM |
| Insufficient default configuration in HCL Leap allows anonymous access to directory information. | |||||