Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,518 vulnerabilities with CWE-59

CVE-2024-4454 HIGH

WithSecure Elements Endpoint Protection - Privilege Escalation

CVE-2024-30060 HIGH

Azure Monitor Agent - Privilege Escalation

CVE-2024-32002 CRITICAL

Git <2.45.1-2.39.4 - Code Injection

CVE-2024-30033 HIGH

Windows Search Service - Privilege Escalation

CVE-2024-30018 HIGH

Windows Kernel - Privilege Escalation

CVE-2024-26238 HIGH

Windows 10 21H2 < 10.0.19044.4412 and 22H2 < 10.0.19045.4412 - Elevation of Privilege via PLUGScheduler Scheduled Task

CVE-2024-3037 HIGH

PaperCut NG/MF < 23.0.9 - Arbitrary File Deletion via Web Print

CVE-2024-31952 MEDIUM

Samsung Magician 8.0.0 - Privilege Escalation

CVE-2024-23459 HIGH

Zscaler Client Connector <3.7 - Path Traversal

CVE-2024-28189 CRITICAL

Judge0 <1.13.1 - Privilege Escalation

CVE-2024-28185 CRITICAL

judge0 1.13.0 - Arbitrary File Write and Remote Code Execution via Symlink Attack

CVE-2024-29989 HIGH

Azure Monitor Agent - Privilege Escalation

CVE-2024-28907 HIGH

Windows Server 2022 23H2 < 10.0.25398.830 - Elevation of Privilege via Brokering File System Link Resolution

CVE-2024-26216 HIGH

Windows Server 2008/2012/2016/2019/2022 Elevation of Privilege via File Server Resource Management Service

CVE-2024-26158 HIGH

Windows 10/11, Windows Server 2008-2012 Elevation of Privilege via Improper Link Resolution

CVE-2024-21447 HIGH

Windows 10/11, Server 2022 Privilege Escalation via Improper Link Resolution

CVE-2024-25953 MEDIUM

Dell PowerScale OneFS 9.4.0.x-9.7.0.x - Denial of Service and Information Tampering via Symlink Following

CVE-2024-25952 MEDIUM

Dell PowerScale OneFS 8.2.2.x-9.7.0.x - Denial of Service and Information Tampering via Symlink Following

CVE-2024-29188 HIGH

WiX toolset < 3.14.1 and < 4.0.5 - Unauthenticated Directory Deletion via RemoveFolderEx Junction Attack

CVE-2024-28916 HIGH

Xbox Gaming Services < 19.87.13001.0 - Elevation of Privilege via Improper Link Resolution

CVE-2024-1753 HIGH

Podman < 4.9.4 and < 5.0.1 - Unauthenticated Container Escape via Symbolic Link Mount

CVE-2024-26199 HIGH

Microsoft 365 Apps - Elevation of Privilege via Improper Link Resolution

CVE-2024-21432 HIGH

Windows 10 - Elevation of Privilege via Improper Link Resolution

CVE-2024-23285 MEDIUM

macOS < 14.4 - Unprotected User Data Exposure via Symlink Handling

CVE-2024-0068 MEDIUM

HYPR Workforce Access < 8.7.1 - File Manipulation via Improper Link Resolution

Previous Page 16 of 61 Next

Details

Vulnerabilities 1,518

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy