CVE-2024-45281

MEDIUM Year: 2024
CVSS v3 Score
5.8
Medium
Weakness Type
CWE-426
View all →

Vulnerability Description

SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This could result in a high impact on confidentiality and integrity of the application.

Related Vulnerabilities

CVE-2016-8746

MEDIUM
CVSS:5.9(Medium)

Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true.

CWE-4262016

CVE-2020-29482

MEDIUM
CVSS:6.0(Medium)

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID f...

CWE-4262020

CVE-2019-12912

MEDIUM
CVSS:5.5(Medium)

Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail, Outlook, etc.) used in the application.

CWE-4262019

CVE-2023-39202

MEDIUM
CVSS:5.5(Medium)

Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.

CWE-4262023

CVE-2021-21055

MEDIUM
CVSS:6.2(Medium)

Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access...

CWE-4262021

CVE-2020-8096

MEDIUM
CVSS:5.3(Medium)

Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefe...

CWE-4262020