71 matches found
EUVD-2023-40843
Malicious code in bioql PyPI...
EUVD-2023-41371
Malicious code in bioql PyPI...
EUVD-2022-53044
Malicious code in bioql PyPI...
EUVD-2023-44902
Malicious code in bioql PyPI...
EUVD-2023-41370
Malicious code in bioql PyPI...
EUVD-2023-45177
Malicious code in bioql PyPI...
EUVD-2023-36379
Malicious code in bioql PyPI...
CVE-2023-32111
In SAP PowerDesigner Proxy - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application...
CVE-2022-31590
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the...
SAP PowerDesigner Input Validation Error Vulnerability
SAP PowerDesigner is a database design software from SAP Germany. An input validation error vulnerability exists in SAP PowerDesigner version 16.7, which stems from an inability to adequately validate a BPMN2 XML document imported from an untrusted source. An attacker could exploit this...
CVE-2023-40310
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
Xxe
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310 Missing XML Validation vulnerability in SAP PowerDesigner Client BPMN2 import
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
CVE-2023-40310
SAP PowerDesigner Client 16.7 is affected by an input validation weakness in BPMN2 XML imports from untrusted sources. The vulnerability allows URLs of external entities in the BPMN2 file to be accessed during import, potentially impacting availability. Root cause: insufficient validation of BPMN...
CVE-2023-40310 Missing XML Validation vulnerability in SAP PowerDesigner Client BPMN2 import
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP Business Objects, SAP HANA, SAP Netweaver and SAP PowerDesigner. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSR...
SAP PowerDesigner 安全漏洞
SAP PowerDesigner is a database design software from SAP Germany. An input validation error vulnerability exists in SAP PowerDesigner version 16.7, which stems from an inability to adequately validate a BPMN2 XML document imported from an untrusted source. An attacker could exploit this...
SAP PowerDesigner Code Injection Vulnerability (CNVD-2024-23328)
SAP PowerDesigner is a database design software from SAP Germany. A code injection vulnerability exists in SAP PowerDesigner version 16.7 that originates from allowing an unauthenticated attacker to inject VBScript code into a document. An attacker could exploit this vulnerability to cause...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including. Business Objects, HANA, Netweaver and Powerdesigner. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data...