1473 matches found
CVE-2025-31975
HCL BigFix Service Management SM is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities...
CVE-2025-31975
Technical details about CVE-2025-31975 are not publicly available in the provided documents. The sources describe an information disclosure via server banners but do not specify affected versions, root cause, exploitability, or remediation. Monitor for updates.
CVE-2025-31975 HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.
HCL BigFix Service Management SM is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities...
CVE-2025-31975
HCL BigFix Service Management SM is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities...
CVE-2025-31975 HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.
HCL BigFix Service Management SM is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities...
CVE-2025-52613
Technical details about CVE-2025-52613 are not publicly available in the provided documents. No explicit affected product versions, root cause, or fixes are disclosed here. Monitor for future updates from vendors and security advisories.
CVE-2025-52613 HCL BigFix Service Management (SM) is affected by use of a vulnerable component
HCL BigFix Service Management SM is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access...
CVE-2025-52613
HCL BigFix Service Management SM is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access...
CVE-2025-52613 HCL BigFix Service Management (SM) is affected by use of a vulnerable component
HCL BigFix Service Management SM is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access...
CVE-2025-31976 HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials
HCL BigFix Service Management SM is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated...
CVE-2025-31976 HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials
HCL BigFix Service Management SM is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated...
CVE-2025-31976
HCL BigFix Service Management SM is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated...
CVE-2025-31978 HCL BigFix Service Management (SM) does not adequately sanitize or safely render
HCL BigFix Service Management SM does not adequately sanitize or safely render spreadsheet files CSV, XLS, XLSX before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when...
CVE-2025-31978
CVE-2025-31978 : HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. The underlying issue may allow an attacker to craft data fields that, when saved to a CSV, could trigger information exfiltr...
CVE-2025-31978 HCL BigFix Service Management (SM) does not adequately sanitize or safely render
HCL BigFix Service Management SM does not adequately sanitize or safely render spreadsheet files CSV, XLS, XLSX before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when...
CVE-2025-31959
HCL BigFix Service Management SM application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared...
CVE-2025-31959
Affected product : HCL BigFix Service Management (SM). Vulnerability : The SM application fails to strip EXIF metadata from uploaded images. This metadata may include sensitive location information, leading to confidentiality/privacy risks if inadvertently shared. Impact (from sources) : Privacy/...
CVE-2025-31959 HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images.
HCL BigFix Service Management SM application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared...
CVE-2025-31959 HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images.
HCL BigFix Service Management SM application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared...
CVE-2025-31982
HCL BigFix Service Management SM had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality...