Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HCL Software — Vulnerabilities & Security Advisories 330

Browse all 330 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HCL Software specializes in enterprise application development and management tools, primarily serving large organizations with legacy and modernization needs. Its portfolio includes Domino, OpenPages, and various integration platforms, which historically present a diverse attack surface. Common vulnerability classes affecting these products include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex configurations or outdated underlying frameworks. The company has addressed numerous security flaws, with records indicating hundreds of disclosed CVEs over the years. Notable incidents have involved authentication bypasses and injection flaws in older versions of its collaboration suites. HCL Software generally responds to these issues through regular patch cycles and security advisories, though the sheer volume of legacy code contributes to the high number of recorded vulnerabilities. Users are advised to maintain strict update protocols to mitigate risks associated with these known security gaps.

Found 6 results / 330Clear Filters
Top products by HCL Software: DRYiCE MyXalytics BigFix Platform HCL Launch HCL Leap Connections BigFix Service Management (SM) Sametime AION HCL Connections BigFix Patch Management Download Plug-ins Nomad server on Domino HCL Sametime HCL Domino Leap BigFix Compliance iAutomate BigFix SaaS Remediate HCL DevOps Deploy / HCL Launch HCL BigFix Platform IEM DevOps Deploy / Launch HCL Unica Platform Unica Platform BigFix Insights for Vulnerability Remediation DRYiCE Optibot Reset Station HCL MyXalytics HCL Commerce HCL Digital Experience HCL Traveler DRYiCE AEX HCL BigFix Mobile / Modern Client Management
CVE IDTitleCVSSSeverityPublished
CVE-2024-30142 HCL BigFix Compliance is affected by a missing secure flag on a cookie — BigFix ComplianceCWE-614 3.8 Low2024-11-07
CVE-2024-30141 HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information — BigFix ComplianceCWE-209 4.7 Medium2024-11-07
CVE-2024-30140 HCL BigFix Compliance is affected by unvalidated redirects and forwards — BigFix ComplianceCWE-601 5.4 Medium2024-11-07
CVE-2024-30126 HCL BigFix Compliance is affected by a missing X-Frame-Options Header vulnerability — BigFix Compliance 4.7 Medium2024-07-18
CVE-2024-30125 HCL BigFix Compliance is affected by an internal server error — BigFix Compliance 6.2 Medium2024-07-18
CVE-2024-23551 HCL BigFix Compliance is potentially affected by Oracle database credentials stored at endpoint — BigFix ComplianceCWE-522 6.5 Medium2024-05-07

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.