Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Missing "no cache" headers in HCL Leap permits user directory information to be cached.
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Improper access control of endpoint in HCL Leap
allows certain admin users to import applications from the
server's filesystem.
Insufficient URI protocol whitelist in HCL Leap
allows script injection through query parameters.
Unsafe default file type filter policy in HCL
Leap allows execution of unsafe JavaScript in deployed applications.
Insufficient sanitization in HCL Leap allows
client-side script injection in the authoring environment.
Improper access control of endpoint in HCL Domino Leap
allows certain admin users to import applications from the
server's filesystem.
Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap
allow script injection through query parameters.
Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.
Cross Site Scripting vulnerability in HCL Technologies Limited HCLTech DRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via missing directives
Avigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests
HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.
HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.
Incorrect default permissions in the AMD Optimizing CPU Libraries (AOCL) installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code executio
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses
Page 1+ Next →