Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,520 vulnerabilities with CWE-59

CVE-2022-44747 HIGH

Acronis Cyber Protect Home Office < 40107 - Local Privilege Escalation via Improper Soft Link Handling

CVE-2022-32905 HIGH

macOS < 13.0 - Arbitrary Code Execution via Malicious DMG Symlink Processing

CVE-2022-41973 HIGH

multipath-tools 0.7.7-0.9.1 - Local Privilege Escalation via Symlink Attack

CVE-2022-31256 HIGH

openSUSE Factory sendmail <8.17.1.1 - Privilege Escalation

CVE-2022-39253 MEDIUM

Git < 2.30.6 - Unauthenticated Sensitive Information Exposure via Malicious Symbolic Link in Local Clone

CVE-2022-42725 HIGH

Warpinator < 1.2.14 - Directory Traversal via Symbolic Link

CVE-2022-40710 HIGH

Trend Micro Deep Security Agent - Privilege Escalation via Improper Link Resolution

CVE-2022-38699 MEDIUM

Armoury Crate Service - Privilege Escalation

CVE-2022-40143 HIGH

Trend Micro Apex One - Local Privilege Escalation via Insecure Directory Link Following

CVE-2022-34893 HIGH

Trend Micro Security < 17.7.1179 - Privilege Escalation via Mountpoint Manipulation

CVE-2022-39215 HIGH

tauri < 1.0.6 - Directory Traversal via Symbolic Link in readDir

CVE-2022-36113 MEDIUM

Cargo < 0.65.0 - Arbitrary File Corruption via .cargo-ok Symlink Extraction

CVE-2022-0029 MEDIUM

Palo Alto Networks Cortex XDR Agent 5.0-5.0.11/7.5-7.5.100 Local Privilege Escalation

CVE-2022-26456 MEDIUM

Android - Local Information Disclosure via Symbolic Link Following

CVE-2022-2898 MEDIUM

Measuresoft ScadaPro Server and Client - Denial of Service via Improper Link Resolution

CVE-2022-2897 HIGH

Measuresoft ScadaPro - Privilege Escalation

CVE-2022-34960 CRITICAL

MikroTik RouterOS 7.4beta4 - Arbitrary File Mount via Container Package Symbolic Link Resolution

CVE-2022-36336 HIGH

Trend Micro Apex One/Worry-Free Business Security - Privilege Escal...

CVE-2022-35631 MEDIUM

Velociraptor <0.6.5.2 - Symlink Attack

CVE-2022-31250 HIGH

openSUSE Tumbleweed keylime <6.4.2-1.1 - Privilege Escalation

CVE-2022-32450 HIGH

AnyDesk 7.0.9 - Privilege Escalation via Symbolic Link Attack in Chat Data Handling

CVE-2022-21770 MEDIUM

Android - Local Information Disclosure via Symlink Following in Sound Driver

CVE-2022-2145 MEDIUM

Cloudflare WARP <2022.5.309.0 - Privilege Escalation

CVE-2022-31036 MEDIUM

Argo CD 1.3.0-2.1.15 - Sensitive File Exposure via Symlink Following

CVE-2022-34008 HIGH

Comodo Antivirus 12.2.2.8012 - Privilege Escalation

Previous Page 23 of 61 Next

Details

Vulnerabilities 1,520

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy