Vulnerabilities > SAP > Powerdesigner > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-40310 | Missing XML Validation vulnerability in SAP Powerdesigner 16.7 SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. | 7.5 |
| 2023-08-08 | CVE-2023-36923 | Code Injection vulnerability in SAP Powerdesigner 16.7 SAP SQLA for PowerDesigner 17 bundled with SAP PowerDesigner 16.7 SP06 PL03, allows an attacker with local access to the system, to place a malicious library, that can be executed by the application. | 7.8 |