CWE-1386
14 CVEs classified under CWE-1386. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-58074 | High | 8.8 | 2026-05-04 | A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during… |
CVE-2022-42291 | High | 8.2 | 2023-02-07 | NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete d… |
CVE-2023-28065 | Medium | 6.7 | 2023-06-23 | Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerabilit… |
CVE-2024-36340 | Medium | 6.6 | 2025-05-13 | A junction point vulnerability within AMD uProf can allow a local low-privileged attacker to create junction points, potentially resulting in arbitrary file d… |
CVE-2023-32474 | Medium | 6.6 | 2024-02-06 | Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could pote… |
CVE-2023-32454 | Medium | 6.3 | 2024-02-06 | DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could expl… |
CVE-2023-28071 | Medium | 6.3 | 2023-06-23 | Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnera… |
CVE-2023-40623 | Medium | 6.2 | 2023-09-12 | SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a… |
CVE-2023-23698 | Medium | 5.5 | 2023-02-10 | Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer compo… |
CVE-2023-32470 | Medium | 5.0 | 2023-09-08 | Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could p… |
CVE-2023-23697 | Medium | 4.7 | 2023-02-13 | Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated m… |
CVE-2023-24572 | Medium | 4.7 | 2023-02-13 | Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally au… |
CVE-2023-5834 | Low | 3.8 | 2023-10-27 | HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized fil… |
CVE-2024-7400 | | 2024-09-27 | The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to del… |