44 matches found
Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability
Talos Vulnerability Report TALOS-2025-2276 Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability May 4, 2026 CVE Number CVE-2025-58074 SUMMARY A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Stor...
EUVD-2023-36698
Malicious code in bioql PyPI...
EUVD-2023-27784
Malicious code in bioql PyPI...
EUVD-2023-31790
Malicious code in bioql PyPI...
EUVD-2023-31796
Malicious code in bioql PyPI...
EUVD-2023-36714
Malicious code in bioql PyPI...
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
Design/Logic Flaw
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
Arbitrary file deletion
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
CVE-2023-32454
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service...
CVE-2023-32474
Dell Display Manager (Windows) versions 2.1.1.17 and earlier are affected by an insecure operation on Windows junction/mount points that an attacker can exploit during installation, allowing arbitrary folder or file deletion. This is a local, low-privilege, high-impact issue (prone to file/system...
CVE-2023-32474
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion...
CVE-2023-39246
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary...
Design/Logic Flaw
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary...
CVE-2023-39246
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server are affected by CVE-2023-39246 due to an Insecure Operation on Windows Junction during installation. The issue allows a local attacker with low privileges and no user interaction to create an arbitrary f...
CVE-2023-39246
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary...
CVE-2023-45159
1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix is available from the 1E support...