Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,518 vulnerabilities with CWE-59

CVE-2024-38098 HIGH

Azure Connected Machine Agent - Privilege Escalation

CVE-2024-38084 HIGH

Microsoft OfficePlus - Privilege Escalation

CVE-2024-7252 HIGH

Comodo Internet Security Pro - Local Privilege Escalation via Symbolic Link Attack on cmdagent

CVE-2024-7251 HIGH

Comodo Internet Security Pro - Local Privilege Escalation via Symbolic Link in cmdagent

CVE-2024-7250 HIGH

Comodo Internet Security Pro - Local Privilege Escalation via Symbolic Link Attack in cmdagent

CVE-2024-7249 HIGH

Comodo Firewall - Local Privilege Escalation via Symbolic Link Abuse in cmdagent

CVE-2024-29069 MEDIUM

snapd < 2.62 - Unauthenticated Arbitrary File Read via Malicious Snap Symbolic Links

CVE-2024-38081 HIGH

Microsoft .NET and .NET Framework - Elevation of Privilege

CVE-2024-38022 HIGH

Windows Image Acquisition - Privilege Escalation

CVE-2024-38013 MEDIUM

Microsoft Windows Server Backup - Privilege Escalation

CVE-2024-35261 HIGH

Azure Network Watcher Agent < 1.4.3320.1 - Elevation of Privilege via Improper Link Resolution

CVE-2024-6147 HIGH

Poly Plantronics Hub - Privilege Escalation

CVE-2024-5742 MEDIUM

GNU Nano 2.2.0-8.0 - Privilege Escalation via Emergency File Symlink

CVE-2024-35254 HIGH

Azure Monitor Agent < 1.26.0 - Elevation of Privilege via Improper Link Resolution

CVE-2024-35253 MEDIUM

Microsoft Azure File Sync 16.0.0.0-17.2.0.0 - Elevation of Privilege via Improper Link Resolution

CVE-2024-30104 HIGH

Microsoft 365 Apps and Office - Remote Code Execution via Improper Link Resolution

CVE-2024-30093 HIGH

Windows Storage - Privilege Escalation

CVE-2024-30076 MEDIUM

Windows Container Manager Service - Privilege Escalation

CVE-2024-30065 MEDIUM

Windows 10 1507-22H2, Windows 11 21H2-23H2, Windows Server 2012-2022 - Denial of Service via Theme File Handling

CVE-2024-35235 MEDIUM

OpenPrinting CUPS < 2.4.8 - Arbitrary File Permission Change via Symbolic Link Listen Configuration

CVE-2024-36306 MEDIUM

Trend Micro Apex One 14.0-14.0.0.12980 - Denial of Service via Link Following

CVE-2024-36305 HIGH

Trend Micro Apex One - Privilege Escalation

CVE-2024-27885 MEDIUM

macOS <14.5-13.6.7-12.7.5 - Info Disclosure

CVE-2024-5102 HIGH

Avast Antivirus <24.2 - Privilege Escalation

CVE-2024-3829 CRITICAL

qdrant/qdrant < 1.9.0 - Arbitrary File Read and Write via Snapshot Recovery Symlink Manipulation

Previous Page 15 of 61 Next

Details

Vulnerabilities 1,518

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy