45 matches found
CVE-2026-21785
A misconfigured Content Security Policy CSP in HCL BigFix Remote Control Server WebUI versions 10.1.0.0442 and earlier fails to define directives without fallbacks, allowing attackers to bypass intended security restrictions and load unauthorized resources...
CVE-2025-15633
An improper authorization vulnerability in HCL BigFix WebUI allows an authenticated user without Master Operator privileges to access internal data site names, versions, and configuration variables and bypass privilege requirements via unprotected endpoints lacking adequate security headers...
CVE-2025-15634
A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...
CVE-2025-15634
A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...
CVE-2025-15634 HCL BigFix WebUI is affected by a missing authorization vulnerability
A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...
CVE-2025-15634
A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...
PT-2026-39320
Name of the Vulnerable Software and Affected Versions HCL BigFix WebUI affected versions not specified Description An improper authorization issue in HCL BigFix WebUI allows an authenticated user who lacks Master Operator privileges to bypass privilege requirements. This is possible due to...
HCL BigFix WebUI 安全漏洞
HCL BigFix WebUI is a web-based administration page from HCL India. A security vulnerability exists in HCL BigFix WebUI, which stems from an authorization gap that could result in an authenticated user without appropriate privileges accessing an unauthorized page to view sensitive environmental...
PT-2026-39321
Name of the Vulnerable Software and Affected Versions HCL BigFix WebUI affected versions not specified Description A missing authorization flaw allows an authenticated user lacking necessary permissions to access sensitive environmental information by navigating directly to an unauthorized page v...
Unspecified Vulnerability in HCL BigFix WebUI
HCL BigFix WebUI is a web based administration page of HCL India. A security vulnerability exists in HCL BigFix WebUI, which stems from an improper response to the HOST information in the HTTP header field, and can be exploited by an attacker to cause a host header poisoning attack...
CVE-2025-52647
The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning Attacks...
EUVD-2025-33794
The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning Attacks...
CVE-2025-52647
The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning Attacks...
CVE-2025-52647 HCL BigFix WebUI is affected by a host header poisoning vulnerability
The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning Attacks...
CVE-2025-52647 HCL BigFix WebUI is affected by a host header poisoning vulnerability
The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning Attacks...
CVE-2025-52647
CVE-2025-52647 affects HCL BigFix WebUI and is described as a host header poisoning vulnerability where the application responds with HOST information from HTTP header fields. Connected sources consistently reference this issue in BigFix WebUI across multiple ecosystems (Red Hat, CNVD, NVD, CVE l...
PT-2025-41612
Name of the Vulnerable Software and Affected Versions BigFix WebUI affected versions not specified Description The BigFix WebUI application is susceptible to Host Header Poisoning Attacks. The application responds with HOST information from the HTTP header field. Recommendations At the moment,...
EUVD-2020-25351
Malware in sbrugna...
EUVD-2023-31746
Malicious code in bioql PyPI...
EUVD-2022-41228
Malicious code in bioql PyPI...