76 matches found
EUVD-2023-36379
Malicious code in bioql PyPI...
EUVD-2023-40843
Malicious code in bioql PyPI...
EUVD-2022-53044
Malicious code in bioql PyPI...
EUVD-2023-44902
Malicious code in bioql PyPI...
EUVD-2023-45177
Malicious code in bioql PyPI...
EUVD-2023-41371
Malicious code in bioql PyPI...
EUVD-2023-41370
Malicious code in bioql PyPI...
CVE-2023-32111
In SAP PowerDesigner Proxy - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application...
CVE-2022-31590
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the...
The vulnerability of SAP PowerDesigner, a tool for modeling enterprise architecture, related to inadequate access control, allows attackers to execute arbitrary queries against the internal database.
The vulnerability of SAP PowerDesigner, a tool for modeling enterprise architecture, is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary queries against the internal database through a proxy server...
SAP PowerDesigner Input Validation Error Vulnerability
SAP PowerDesigner is a database design software from SAP Germany. An input validation error vulnerability exists in SAP PowerDesigner version 16.7, which stems from an inability to adequately validate a BPMN2 XML document imported from an untrusted source. An attacker could exploit this...
The vulnerability of the import function for BPMN files in the Business Process Modeling module of SAP PowerDesigner allows a attacker to trigger a service failure.
The vulnerability of the BPMN-file import function in the Business Process Modeling module of the SAP PowerDesigner software relates to the lack of authenticity verification for XML documents. Exploiting this vulnerability could allow an attacker to cause service failures...
CVE-2023-40310
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
Xxe
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310 Missing XML Validation vulnerability in SAP PowerDesigner Client BPMN2 import
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310 Missing XML Validation vulnerability in SAP PowerDesigner Client BPMN2 import
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310
SAP PowerDesigner Client 16.7 is affected by an input validation weakness in BPMN2 XML imports from untrusted sources. The vulnerability allows URLs of external entities in the BPMN2 file to be accessed during import, potentially impacting availability. Root cause: insufficient validation of BPMN...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP Business Objects, SAP HANA, SAP Netweaver and SAP PowerDesigner. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSR...
SAP PowerDesigner 安全漏洞
SAP PowerDesigner is a database design software from SAP Germany. An input validation error vulnerability exists in SAP PowerDesigner version 16.7, which stems from an inability to adequately validate a BPMN2 XML document imported from an untrusted source. An attacker could exploit this...