Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,520 vulnerabilities with CWE-59

CVE-2023-36394 HIGH

Windows Search Service - Privilege Escalation

CVE-2023-36047 HIGH

Windows 10/11 Elevation of Privilege via Improper Link Resolution

CVE-2023-36046 HIGH

Windows 11/Server 2022 DoS via Improper Link Resolution

CVE-2023-6069 CRITICAL

GitHub froxlor/froxlor <2.1.0 - Info Disclosure

CVE-2023-5834 LOW

HashiCorp Vagrant < 2.4.0 - Unauthorized File System Writes via Windows Junction

CVE-2023-42844 HIGH

macOS 12.0.0-12.7.1 - Unprotected User Data Exposure via Symlink Resolution

CVE-2023-46655 MEDIUM

Jenkins CloudBees CD Plugin <1.1.32 - Path Traversal

CVE-2023-46654 HIGH

Jenkins CloudBees CD Plugin <1.1.32 - Privilege Escalation

CVE-2023-28797 MEDIUM

Zscaler Client Connector <4.1 - Code Injection

CVE-2023-36737 HIGH

Azure Network Watcher VM Agent - Privilege Escalation

CVE-2023-36723 HIGH

Windows Container Manager Service - Privilege Escalation

CVE-2023-36711 HIGH

Windows Runtime C++ Template Library - Privilege Escalation

CVE-2023-36568 HIGH

Microsoft Office Click-To-Run - Privilege Escalation

CVE-2023-45159 HIGH

1E Client - Arbitrary File Deletion via Symbolic Link

CVE-2023-41968 MEDIUM

iPadOS < 17.0 - Arbitrary File Read via Symlink Validation Bypass

CVE-2023-32182 MEDIUM

openSUSE Leap 15.5 - Improper Link Resolution Before File Access in postfix

CVE-2023-36758 HIGH

Visual Studio - Privilege Escalation

CVE-2023-4759 HIGH

Eclipse JGit <= 6.6.0 - Arbitrary File Overwrite via Symbolic Link on Case-Insensitive Filesystem

CVE-2023-32163 HIGH

Wacom Drivers for Windows - Local Privilege Escalation via Symbolic Link

CVE-2023-34723 HIGH

TechView LA-5570 Wireless Gateway 1.0.19_T53 - Sensitive Information Exposure via /config/system.conf

CVE-2023-40028 MEDIUM

Ghost < 5.59.1 - Authenticated Arbitrary File Read via Symlink Upload

CVE-2023-38175 HIGH

Microsoft Windows Defender - Privilege Escalation

CVE-2023-36903 HIGH

Windows System Assessment Tool - Privilege Escalation

CVE-2023-36876 HIGH

Reliability Analysis Metrics Calculation - Privilege Escalation

CVE-2023-35379 HIGH

Windows Server 2008 - Elevation of Privilege via RACEng Link Resolution

Previous Page 19 of 61 Next

Details

Vulnerabilities 1,520

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy