Vulnerabilities in HCL Software
334 resultsCVE-2021-27766MEDIUMHCL BigFix Platform Client is affected by a Privilege Escalation VulnerabilityEPSS 0.2%CVE-2021-27767MEDIUMHCL BigFix Platform Console is affected by a Privilege Escalation VulnerabilityEPSS 0.2%CVE-2022-38654MEDIUMHCL Domino is susceptible to an information disclosure vulnerabilityEPSS 0.2%CVE-2024-30152MEDIUMHCL SX is affected by usage of a weak cryptographic algorithmEPSS 0.2%CVE-2025-31965HIGHHCL BigFix Remote Control is affected by an authorization bypass vulnerabilityEPSS 0.2%CVE-2025-52639LOWHCL Connections is vulnerable to sensitive information disclosureEPSS 0.2%CVE-2022-42450MEDIUMHCL Domino Volt is affected by Cross-site scripting (XSS)EPSS 0.2%CVE-2024-42200MEDIUMHCL BigFix Web Reports is potentially susceptible to a Stored Cross-Site Scripting (XSS) attackEPSS 0.2%CVE-2022-44759MEDIUMHCL Leap is affected by Cross-site scripting (XSS)EPSS 0.2%CVE-2021-27751MEDIUMHCL Commerce is affected by an Insufficient Session Expiration vulnerability.EPSS 0.2%CVE-2025-52620MEDIUMHCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-31974LOWHCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-OnlyEPSS 0.2%CVE-2025-52647MEDIUMHCL BigFix WebUI is affected by a host header poisoning vulnerabilityEPSS 0.2%CVE-2025-52658LOWHCL MyXalytics is affected by the use of vulnerable/outdated versionsEPSS 0.2%CVE-2022-38661MEDIUMHCL Workload Automation is affected by a vulnerability in Jlog component of the Master Domain ManagerEPSS 0.2%CVE-2025-55251LOWHCL AION is affected by an Unrestricted File Upload vulnerabilityEPSS 0.2%CVE-2025-0250LOWHCL IEM is affected by an authorization token sent in cookie vulnerabilityEPSS 0.2%CVE-2021-27785LOWHCL Commerce could allow a local attacker to obtain sensitive personal information (CVE-2021-27785)EPSS 0.2%CVE-2024-42181LOWHCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerabilityEPSS 0.2%CVE-2023-23342MEDIUMHCL Nomad for web is affected by cryptographic validation of local data access that can be circumventedEPSS 0.2%