CVEs classified under CWE-112, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-28213 — CVSS 8.1 (high): When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently…
CVE-2023-40310 — CVSS 6.5 (medium): SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result…
CVE-2021-1359 — CVSS 6.3 (medium): A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated…
CVE-2021-27780 — CVSS 5.3 (medium): The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
CVE-2020-27282 — CVSS 4.3 (medium): In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged…
CVE-2026-1190 — CVSS 3.1 (low): A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup…