CWE-112
7 CVEs classified under CWE-112. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-1975 | Medium | 6.8 | 2020-02-12 | Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that… |
CVE-2023-40310 | Medium | 6.5 | 2023-10-10 | SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external ent… |
CVE-2021-1359 | Medium | 6.3 | 2021-07-08 | A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perfor… |
CVE-2021-27780 | Medium | 5.3 | 2022-05-27 | The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. |
CVE-2026-1190 | Low | 3.1 | 2026-01-26 | A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language (SAML) setup, it f… |
CVE-2022-28213 | | 2022-04-12 | When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML docume… | |
CVE-2020-27282 | | 2021-03-15 | In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical acc… |