Filtered by vendor Hcltechsw
Subscribe
Search
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45701 | 1 Hcltechsw | 1 Hcl Launch | 2024-01-04 | N/A | 6.5 MEDIUM |
| HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. | |||||
| CVE-2023-45702 | 2 Hcltechsw, Microsoft | 2 Hcl Launch, Windows | 2024-01-04 | N/A | 5.5 MEDIUM |
| An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts.. | |||||
| CVE-2023-45700 | 1 Hcltechsw | 1 Hcl Launch | 2024-01-02 | N/A | 5.4 MEDIUM |
| HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure. | |||||
| CVE-2022-42445 | 1 Hcltechsw | 1 Hcl Launch | 2023-08-08 | N/A | 4.9 MEDIUM |
| HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches. | |||||
| CVE-2022-27549 | 1 Hcltechsw | 1 Hcl Launch | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| HCL Launch may store certain data for recurring activities in a plain text format. | |||||
| CVE-2022-27548 | 1 Hcltechsw | 1 Hcl Launch | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| HCL Launch stores user credentials in plain clear text which can be read by a local user. | |||||
| CVE-2021-27746 | 1 Hcltechsw | 1 Connections | 2021-10-26 | 3.5 LOW | 5.4 MEDIUM |
| "HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability" | |||||
| CVE-2020-14247 | 1 Hcltechsw | 1 Onetest Performance | 2021-02-09 | 6.4 MEDIUM | 6.5 MEDIUM |
| HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID. | |||||
| CVE-2020-14225 | 2 Hcltech, Hcltechsw | 2 Hcl Inotes, Hcl Inotes | 2020-12-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack. | |||||
| CVE-2020-4100 | 1 Hcltechsw | 1 Hcl Verse | 2020-07-22 | 2.1 LOW | 4.4 MEDIUM |
| "HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded natively at runtime; however, dynamically loaded components are only loaded as they are specifically requested. While this can have a positive impact on performance, or grant additional functionality (for example, a non-invasive update feature), it can also open the application to loading unintended code if not implemented properly." | |||||