Lucene search
+L

8 matches found

NVD
NVD
added 3 hours ago7 views

CVE-2025-59866

The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions Leading to Privilege Escalation’ vulnerability, which enables any logged-in non-administrative user to overwrite or replace the executable file with a malicious binary...

3.3CVSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 hours ago4 views

CVE-2025-59866

The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions Leading to Privilege Escalation’ vulnerability, which enables any logged-in non-administrative user to overwrite or replace the executable file with a malicious binary...

3.3CVSS5.4AI score
Exploits0References1
CVE
CVE
added 4 hours ago5 views

CVE-2025-59866

The CVE concerns HCL DFMPro, DFXAnalytics, and DFXServer installers suffering from Insecure file permissions that allow a logged-in non-administrative user to overwrite or replace the executable with a malicious binary. The underlying cause is unrestricted or insecure permissions on the installer...

3.3CVSS5.4AI score
Exploits0References1
EUVD
EUVD
added 4 hours ago5 views

EUVD-2025-210480

The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions Leading to Privilege Escalation’ vulnerability, which enables any logged-in non-administrative user to overwrite or replace the executable file with a malicious binary...

3.3CVSS5.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 22 hours ago4 views

PT-2026-60832

The HCL DFMPro, DFXAnalytics and DFXServer installers are affected by ‘Insecure file permissions Leading to Privilege Escalation’ vulnerability, which enables any logged-in non-administrative user to overwrite or replace the executable file with a malicious binary...

3.3CVSS5.3AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-35147

HCL DFXServer is affected by a Broken Authentication vulnerability via direct API access. The application fails to verify the user’s authentication status when accessing specific API endpoints, allowing an unauthenticated attacker to interact with the APIs and perform unauthorized actions without...

8.2CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-35149

CVE-2026-35149 involves HCL DFXServer and describes an authentication bypass caused by server response manipulation. The vulnerability allows an unauthenticated attacker to gain access by intercepting and altering authentication responses, effectively bypassing verification. Reported CVSS-3.1 met...

8.2CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-35146

The CVE-2026-35146 record concerns HCL DFXServer and describes an Unencrypted Communication vulnerability. The issue allows connections over unencrypted HTTP channels, enabling a remote attacker to intercept traffic and access sensitive data transmitted between the user and the server. The provid...

6.3CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder