CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

478 matches found

IBM Maximo Asset Management Information Disclosure - XML External Entity Injection

IBM Maximo Asset Management is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. id: CVE-2020-4463 info: name: IBM Maximo Asset Management Information...

8.2CVSS7.8AI score0.3159EPSS

Exploits1References5

Cvelist•added 2026/06/12 9:57 p.m.•29 views

CVE-2026-41158 GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

0.00118EPSS

Exploits0References1

CNNVD•added 2026/06/02 12:0 a.m.•4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from excessive reading of memory resources...

8.8CVSS5.3AI score0.00291EPSS

Exploits0References3

NVD•added 2026/02/04 9:15 p.m.•4 views

CVE-2025-1823

IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...

3.5CVSS0.00216EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•6 views

CVE-2023-45192

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 268758...

8.2CVSS6.6AI score0.00678EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:45 a.m.•7 views

CVE-2022-38389

IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975...

9.1CVSS6.5AI score0.01286EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:33 a.m.•8 views

CVE-2024-39726

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

8.2CVSS6.7AI score0.00679EPSS

Exploits0References1