EUVD-2023-45177

Malicious code in bioql PyPI...

CVE-2023-40310

SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...

CVE-2023-40621 Code Injection vulnerability in SAP PowerDesigner Client

SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before...

PT-2023-5922 · Sap · Sap Powerdesigner Client

Name of the Vulnerable Software and Affected Versions: SAP PowerDesigner Client version 16.7 Description: The issue is related to the import function of BPMN files in the Business Process Modeling BPM module of the SAP PowerDesigner enterprise architecture modeling tool. It does not sufficiently...