Lucene search
K

46 matches found

RedhatCVE
RedhatCVE
added 2026/01/29 9:21 p.m.7 views

CVE-2023-37525

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals...

5.3CVSS5.9AI score0.00293EPSS
Exploits0References1
CVE
CVE
added 2026/01/28 7:58 p.m.15 views

CVE-2023-37525

CVE-2023-37525 affects HCL BigFix Compliance. The connected sources describe a sensitive information disclosure that lets a remote attacker access files under the WEB-INF directory, potentially exposing Java class files and configuration information and leading to unauthorized access to applicati...

5.3CVSS5.9AI score0.00293EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13436

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-28061

Malicious code in bioql PyPI...

6.2CVSS6.6AI score0.00134EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-28078

Malicious code in bioql PyPI...

3.8CVSS6.6AI score0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28062

Malicious code in bioql PyPI...

4.7CVSS6.6AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13437

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00252EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-28077

Malicious code in bioql PyPI...

4.7CVSS6.6AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/07 7:14 p.m.17 views

CVE-2024-42213

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure...

5.3CVSS6.8AI score0.00252EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/07 7:14 p.m.14 views

CVE-2024-42212

HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery CSRF attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions...

5.4CVSS6.8AI score0.00201EPSS
Exploits0References3
OSV
OSV
added 2025/05/05 7:15 p.m.6 views

CVE-2024-42212

HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery CSRF attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions...

5.4CVSS5.6AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2025/05/05 7:15 p.m.11 views

CVE-2024-42212

HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery CSRF attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions...

5.4CVSS0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/05 7:0 p.m.11 views

CVE-2024-42213 HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure...

5.3CVSS5.2AI score0.00252EPSS
Exploits0References1
CVE
CVE
added 2025/05/05 7:0 p.m.66 views

CVE-2024-42213

CVE-2024-42213 affects HCL BigFix Compliance. The issue is the inclusion of temporary files left in production, which could be exposed via indexing, predictable URLs, or misconfigured permissions, causing information disclosure. CVSSv3.1 base score is 5.3 (Medium); attack vector: network; impact ...

5.3CVSS5.2AI score0.00252EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/05 7:0 p.m.11 views

CVE-2024-42213 HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure...

5.3CVSS0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/05 6:40 p.m.8 views

CVE-2024-42212 HCL BigFix Compliance is affected by an improper or missing SameSite attribute

HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery CSRF attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions...

5.4CVSS5.4AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/05 6:40 p.m.16 views

CVE-2024-42212 HCL BigFix Compliance is affected by an improper or missing SameSite attribute

HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery CSRF attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions...

5.4CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 2025/05/05 6:40 p.m.61 views

CVE-2024-42212

CVE-2024-42212 affects HCL BigFix Compliance due to an improper or missing SameSite attribute, enabling Cross-Site Request Forgery (CSRF) via authenticated sessions. The primary sources consistently describe the issue as a CSRF risk stemming from SameSite misconfiguration; the CVSS 3.1 base metri...

5.4CVSS5.4AI score0.00201EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.5 views

HCL BigFix Compliance 安全漏洞

HCL BigFix Compliance is a continuous monitoring and application of endpoint security settings by HCL India to ensure compliance with regulatory or organizational security policies. A security vulnerability exists in HCL BigFix Compliance that stems from missing or improper SameSite attributes,...

5.4CVSS6.5AI score0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.6 views

PT-2025-19760 · Hcl · Hcl Bigfix Compliance

Name of the Vulnerable Software and Affected Versions: HCL BigFix Compliance affected versions not specified Description: The issue is related to an improper or missing SameSite attribute, which can lead to Cross-Site Request Forgery CSRF attacks. A malicious site could trick a user's browser int...

5.4CVSS6.1AI score0.00201EPSS
Exploits0References4
Rows per page
Query Builder