HCL MyXalytics 安全漏洞

HCL MyXalytics is an analytics software product from HCL India. It is used for performing data analysis and other related tasks. A security vulnerability exists in HCL MyXalytics, which arises from loading third-party scripts without integrity checking or validation, and can be exploited by an...

EUVD-2024-40002

Malicious code in bioql PyPI...

EUVD-2024-40000

Malicious code in bioql PyPI...

EUVD-2024-39999

Malicious code in bioql PyPI...

HCL MyXalytics 安全漏洞

HCL MyXalytics is an analytics software product from HCL India. It is used to perform data analysis and other related tasks. A security vulnerability exists in HCL MyXalytics version 6.6 that stems from the use of a vulnerable or outdated version...

CVE-2024-42178

HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution...

CVE-2024-42177

HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system...

CVE-2024-42180

HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files...

CVE-2024-42181

CVE-2024-42181 impacts HCL MyXalytics (DRYiCE MyXalytics). The available data describe a cleartext transmission of sensitive information vulnerability where security‑critical data is sent in cleartext over a channel that can be sniffed. The public documents identify the affected product and the g...

CVE-2024-42179

CVE-2024-42179 describes a sensitive information disclosure in HCL MyXalytics where the HTTP response header reveals the server software name and version (Microsoft-HTTP API/2.0). The underlying issue is exposure of server identity, not a direct code execution vector. Public sources in the connec...

HCL DRYiCE MyXalytics 安全漏洞

HCL DRYiCE MyXalytics is a unified reporting and dashboard product from HCL Corporation, USA. A security vulnerability exists in HCL DRYiCE MyXalytics that stems from vulnerability to sensitive information disclosure vulnerability...

CVE-2024-42174

HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore compile a list of valid usernames...

CVE-2024-42173 HCL MyXalytics is affected by an improper password policy implementation vulnerability

HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known...

CVE-2024-42168

CVE-2024-42168 affects HCL DRYiCE/MyXalytics. The vulnerability is described as out-of-band resource load (HTTP), where an attacker can host a malicious web server and cause the application to fetch and process that content. Affected component/process is not explicitly detailed beyond the HTTP-ba...

CVE-2024-42168 HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability

HCL MyXalytics is affected by out-of-band resource load HTTP vulnerability. An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content...

PT-2025-2618 · Hcl · Hcl Myxalytics

Name of the Vulnerable Software and Affected Versions: HCL MyXalytics affected versions not specified Description: The issue concerns an out-of-band resource load HTTP vulnerability. An attacker can set up a web server with malicious content and then induce the application to retrieve and process...

PT-2025-2620 · Hcl · Hcl Myxalytics

Name of the Vulnerable Software and Affected Versions: HCL MyXalytics affected versions not specified Description: The issue allows cyber-criminals to exploit a session fixation vulnerability by sending crafted URLs with a session token to access the victim's login session. Recommendations: At th...

PT-2024-13279 · Hcl · Hcl Dryice Myxalytics

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyXalytics affected versions not specified Description: The HCL DRYiCE MyXalytics product is impacted by an unauthenticated file upload issue. The web application allows the upload of a certain file without requiring user...