Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,520 vulnerabilities with CWE-59

CVE-2022-25856 HIGH

argo-events < 1.7.1 - Path Traversal in GitArtifactReader

CVE-2022-28225 HIGH

Yandex Browser < 22.3.3.684 - Local Privilege Escalation via Symlink Manipulation

CVE-2022-31219 HIGH

Drive Composer - Privilege Escalation

CVE-2022-31218 HIGH

Drive Composer - Privilege Escalation

CVE-2022-31217 HIGH

Drive Composer - Privilege Escalation

CVE-2022-31216 HIGH

Drive Composer - Privilege Escalation

CVE-2022-30687 HIGH

Trend Micro Maximum Security 2022 - SSRF

CVE-2022-26704 HIGH

macOS Monterey <12.4 - Privilege Escalation

CVE-2022-26688 MEDIUM

macOS 10.15-10.15.6 and 11.0-11.6.4 - Arbitrary File Write via Symlink Handling

CVE-2022-30321 HIGH

HashiCorp go-getter < 1.5.11, 2.0.2 - Path Traversal and Command Injection

CVE-2022-31466 HIGH

Quick Heal Total Security <12.1.1.27 - Privilege Escalation

CVE-2022-31258 HIGH

Checkmk <2.1.0b10 - Privilege Escalation

CVE-2022-24904 MEDIUM

Argo CD 0.7.0-2.1.14 - Authenticated Sensitive File Leak via Symlink Following

CVE-2022-30523 HIGH

Trend Micro Password Manager < 5.0.0.1270 - Privilege Escalation via Link Following

CVE-2022-23742 HIGH

Check Point Endpoint Security Client for Windows < E86.40 - Privilege Escalation via Hard Link Attack

CVE-2022-30333 HIGH KEV

UnRAR Path Traversal (CVE-2022-30333)

CVE-2022-20103 MEDIUM

Android - Local Information Disclosure via Symbolic Link Following

CVE-2022-20085 MEDIUM

Android - Local Privilege Escalation via Symbolic Link Following in netdiag

CVE-2022-24372 MEDIUM

Linksys MR9600 <2.0.5 - Info Disclosure

CVE-2022-20720 MEDIUM

Cisco IOS XE IOx Application Hosting - Symlink Path Traversal

CVE-2022-1256 HIGH

McAfee Agent < 5.7.6 - Local Privilege Escalation via Symbolic Link Manipulation

CVE-2022-22962 HIGH

VMware Horizon < 2203 - Local Privilege Escalation via Symbolic Link Manipulation

CVE-2022-20068 MEDIUM

Android - Local Privilege Escalation via Symbolic Link Following in mobile_log_d

CVE-2022-27883 HIGH

Trend Micro Antivirus for Mac < 11.5 - Privilege Escalation via Symlink Attack

CVE-2022-26612 CRITICAL

Apache Hadoop < 3.2.3 - Arbitrary File Write via Symlink Bypass on Windows

Previous Page 24 of 61 Next

Details

Vulnerabilities 1,520

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy