Search
Search Results (46 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-14274 | 1 Hcltechsw | 1 Hcl Commerce | 2024-11-21 | 7.5 High |
| Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors. | ||||
| CVE-2020-14247 | 1 Hcltechsw | 1 Onetest Performance | 2024-11-21 | 6.5 Medium |
| HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID. | ||||
| CVE-2020-14246 | 1 Hcltechsw | 1 Onetest Performance | 2024-11-21 | 7.5 High |
| HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials. | ||||
| CVE-2020-14245 | 1 Hcltechsw | 1 Onetest Performance | 2024-11-21 | 9.8 Critical |
| HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources. | ||||
| CVE-2020-14231 | 1 Hcltechsw | 1 Hcl Client Application Access | 2024-11-21 | 8.8 High |
| A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the attacker to crash the program or inject code into the system which would execute with the privileges of the currently logged in user. | ||||
| CVE-2020-14225 | 2 Hcltech, Hcltechsw | 2 Hcl Inotes, Hcl Inotes | 2024-11-21 | 6.5 Medium |
| HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. A remote unauthenticated attacker could use this vulnerability to trick the end user into entering sensitive information such as credentials, e.g. as part of a phishing attack. | ||||