Vulnerabilities > SAP > Powerdesigner > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-40310 Missing XML Validation vulnerability in SAP Powerdesigner 16.7
SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source.
network
low complexity
sap CWE-112
7.5
2023-08-08 CVE-2023-36923 Code Injection vulnerability in SAP Powerdesigner 16.7
SAP SQLA for PowerDesigner 17 bundled with SAP PowerDesigner 16.7 SP06 PL03, allows an attacker with local access to the system, to place a malicious library, that can be executed by the application.
local
low complexity
sap CWE-94
7.8