Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/27 8:15 p.m.5 views

CVE-2026-21785

A misconfigured Content Security Policy CSP in HCL BigFix Remote Control Server WebUI versions 10.1.0.0442 and earlier fails to define directives without fallbacks, allowing attackers to bypass intended security restrictions and load unauthorized resources...

4CVSS5.8AI score0.00025EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/09 5:5 a.m.3 views

CVE-2025-15634 HCL BigFix WebUI is affected by a missing authorization vulnerability

A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...

5.3CVSS5.8AI score0.00024EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/09 12:0 a.m.3 views

HCL BigFix WebUI 安全漏洞

HCL BigFix WebUI is a web-based administration page from HCL India. A security vulnerability exists in HCL BigFix WebUI, which stems from an authorization gap that could result in an authenticated user without appropriate privileges accessing an unauthorized page to view sensitive environmental...

5.3CVSS5.8AI score0.00024EPSS
Exploits0References1
CNVD
CNVDadded 2025/10/21 12:0 a.m.3 views

Unspecified Vulnerability in HCL BigFix WebUI

HCL BigFix WebUI is a web based administration page of HCL India. A security vulnerability exists in HCL BigFix WebUI, which stems from an improper response to the HOST information in the HTTP header field, and can be exploited by an attacker to cause a host header poisoning attack...

6.1CVSS6.7AI score0.00029EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2020-25351

Malware in sbrugna...

5.4CVSS5.6AI score0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/07/18 12:0 a.m.1 views

PT-2023-21486 · Hcl · Hcl Bigfix Webui

Name of the Vulnerable Software and Affected Versions: HCL BigFix WebUI affected versions not specified Description: The issue allows a malicious user to redirect the client browser to an external site via a redirect URL response header in the login page. Recommendations: At the moment, there is ...

6.1CVSS6AI score0.00228EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2023/06/23 5:2 a.m.10 views

CVE-2023-23344 HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

3CVSS6.7AI score0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/12/20 4:51 a.m.6 views

CVE-2022-38655 HCL BigFix WebUI is affected by a missing-permission-check vulnerability

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

6.4CVSS6.5AI score0.00174EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/05/06 6:10 p.m.11 views

CVE-2021-27764 HCL BigFix WebUI Cookie missing attributes

Cookie without HTTPONLY flag set. NUMBER cookies was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. WebUI...

7.4CVSS7.6AI score0.0011EPSS
Exploits0References1
Rows per page
Query Builder