Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-426
Total 546 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45281 2024-09-10 N/A 5.8 MEDIUM
SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This could result in a high impact on confidentiality and integrity of the application.
CVE-2024-6473 1 Yandex 1 Yandex Browser 2024-09-05 N/A 7.8 HIGH
Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.
CVE-2024-42439 1 Zoom 2 Meeting Software Development Kit, Workplace Desktop 2024-08-29 N/A 6.5 MEDIUM
Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.
CVE-2024-6975 1 Catonetworks 1 Cato Client 2024-08-27 N/A 8.8 HIGH
Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34.
CVE-2024-6974 1 Catonetworks 1 Cato Client 2024-08-27 N/A 7.8 HIGH
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34.
CVE-2024-41865 1 Adobe 1 Dimension 2024-08-19 N/A 7.8 HIGH
Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the legitimate file. This could occur if the application uses a search path to locate executables or libraries. Exploitation of this issue requires user interaction.