|
1221
|
8.8 |
HIGH
Network
|
hcltech
|
aion
|
HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be sent in cross-site requests, potentially increasing exposure to cross-site r…
|
CWE-1275
Sensitive Cookie with Improper SameSite Attribute
|
CVE-2025-52628
|
2026-04-26 02:59 |
2026-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1222
|
8.8 |
HIGH
Network
|
hcltech
|
aion
|
HCL AION está afectado por una Cookie con vulnerabilidad de SameSite insegura, impropia o ausente. Esto puede permitir que las cookies se envíen en peticiones entre sitios, aumentando potencialmente …
|
CWE-1275
Sensitive Cookie with Improper SameSite Attribute
|
CVE-2025-52628
|
2026-04-26 02:59 |
2026-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1223
|
7.5 |
HIGH
Network
|
hcltech
|
aion
|
Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauth…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2025-52627
|
2026-04-26 02:59 |
2026-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1224
|
7.5 |
HIGH
Network
|
hcltech
|
aion
|
Vulnerabilidad de configuración: Sistema de archivos raíz no montado como solo lectura. Esto puede permitir modificaciones no intencionadas a archivos críticos del sistema, aumentando potencialmente …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2025-52627
|
2026-04-26 02:59 |
2026-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1225
|
9.8 |
CRITICAL
Network
|
hcltech
|
aion
|
A Potential Command Injection vulnerability in HCL AION.
An This can allow unintended command execution, potentially leading to unauthorized actions on the underlying system.This issue affects AIO…
|
CWE-78
OS Command
|
CVE-2025-52626
|
2026-04-26 02:58 |
2026-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1226
|
9.8 |
CRITICAL
Network
|
hcltech
|
aion
|
Una posible vulnerabilidad de inyección de comandos en HCL AION. Esto puede permitir la ejecución no intencionada de comandos, lo que podría llevar a acciones no autorizadas en el sistema subyacente.…
|
CWE-78
OS Command
|
CVE-2025-52626
|
2026-04-26 02:58 |
2026-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1227
|
7.5 |
HIGH
Network
|
hcltech
|
aion
|
A vulnerability
Cacheable SSL Page Found vulnerability has been identified
in HCL AION.
Cached data may expose credentials, system identifiers, or internal file paths to attackers with access t…
|
CWE-525
Use of Web Browser Cache Containing Sensitive Information
|
CVE-2025-52625
|
2026-04-26 02:58 |
2025-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1228
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processe…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-4111
|
2026-04-26 02:16 |
2026-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1229
|
7.5 |
HIGH
Network
|
-
|
-
|
Se identificó una vulnerabilidad en la lógica de descompresión de archivos RAR5 de la biblioteca libarchive, específicamente dentro de la ruta de procesamiento de archive_read_data(). Cuando se proce…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-4111
|
2026-04-26 02:16 |
2026-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1230
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-31534
|
2026-04-25 15:16 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
