Filtered by vendor Hcltechsw
Subscriptions
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42445 | 1 Hcltechsw | 1 Hcl Launch | 2024-08-03 | 4.9 Medium |
| HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches. | ||||
| CVE-2022-42452 | 1 Hcltechsw | 1 Hcl Launch | 2024-08-03 | 4.6 Medium |
| HCL Launch is vulnerable to HTML injection. HTML code is stored and included without being sanitized. This can lead to further attacks such as XSS and Open Redirections. | ||||
| CVE-2022-38656 | 1 Hcltechsw | 1 Hcl Commerce | 2024-08-03 | 8.6 High |
| HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes. | ||||
| CVE-2022-38661 | 1 Hcltechsw | 1 Hcl Workload Automation | 2024-08-03 | 6.2 Medium |
| HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash. | ||||
| CVE-2023-45703 | 1 Hcltechsw | 1 Hcl Launch | 2024-08-02 | 5.3 Medium |
| HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. | ||||
| CVE-2023-45700 | 1 Hcltechsw | 1 Hcl Launch | 2024-08-02 | 4.3 Medium |
| HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. | ||||
| CVE-2023-45702 | 2 Hcltechsw, Microsoft | 2 Hcl Launch, Windows | 2024-08-02 | 6.2 Medium |
| An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts.. | ||||
| CVE-2023-45701 | 1 Hcltechsw | 1 Hcl Launch | 2024-08-02 | 4.3 Medium |
| HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | ||||
| CVE-2023-37522 | 1 Hcltechsw | 1 Bigfix Bare Osd Metal Server Webui | 2024-08-02 | 5.6 Medium |
| HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser. | ||||
| CVE-2023-37523 | 1 Hcltechsw | 1 Bigfix Bare Osd Metal Server Webui | 2024-08-02 | 5.6 Medium |
| Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser. | ||||
| CVE-2024-23550 | 1 Hcltechsw | 2 Hcl Devops Deploy, Hcl Launch | 2024-08-01 | 6.2 Medium |
| HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. | ||||