Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,522 vulnerabilities with CWE-59

CVE-2020-27643 MEDIUM

1E Client 5.0.0.745-4.1.0.267 - Privilege Escalation

CVE-2020-27172 CRITICAL

G-Data <25.5.9.25 - Privilege Escalation

CVE-2020-35766 HIGH

OpenDKIM < 2.10.3 - Privilege Escalation via Symlink Attack on /tmp/testkeys

CVE-2020-28641 HIGH

Malwarebytes Endpoint Protection < 1.2.0.849 - Arbitrary File Deletion via Symbolic Link

CVE-2020-26277 MEDIUM

DBdeployer <1.58.2 - Privilege Escalation

CVE-2020-10003 HIGH

iPadOS < 14.2 - Privilege Escalation via Symlink Path Validation Flaw

CVE-2020-28935 MEDIUM

Nlnetlabs Name Server Daemon < 4.3.4 - Symlink Following

CVE-2020-29529 HIGH

HashiCorp go-slug <0.5.0 - Path Traversal

CVE-2020-5797 MEDIUM

TP-Link Archer C9(US)_V1_180125 - Info Disclosure

CVE-2020-25989 HIGH

pritunl-client-electron 1.0.1116.6-1.2.2550.20 - Privilege Escalation via Arbitrary File Write

CVE-2020-27697 HIGH

Trend Micro Security 2020 < 16.0 - DLL Hijacking via Symlink Attack

CVE-2020-23968 HIGH

Ilex International Sign&go Workstation Security Suite 7.1 - Privilege Escalation via Symlink Attack

CVE-2020-5795 MEDIUM

TP-Link Archer A7(US)_V5_200721 - RCE

CVE-2020-6015 MEDIUM

Check Point Endpoint Security <E84.10 - DoS

CVE-2020-16007 HIGH

Google Chrome < 86.0.4240.183 - Privilege Escalation via Crafted Filesystem

CVE-2020-9901 HIGH

iPadOS < 13.6 - Privilege Escalation via Symlink Path Validation Flaw

CVE-2020-9900 HIGH

iPadOS < 13.6 - Privilege Escalation via Symlink Path Validation Flaw

CVE-2020-16939 HIGH

Windows Group Policy - Elevation of Privilege via Improper Access Check

CVE-2020-25776 HIGH

Trend Micro Antivirus for Mac 2020 - Privilege Escalation via Symbolic Link Attack

CVE-2020-24562 HIGH

Trend Micro OfficeScan XG SP1 - Privilege Escalation

CVE-2020-17365 HIGH

Hotspot Shield VPN client <10.3.0 - Privilege Escalation

CVE-2020-6546 HIGH

Google Chrome < 84.0.4147.125 - Privilege Escalation via Crafted Filesystem

CVE-2020-25744 HIGH

SaferVPN < 5.0.3.3 - Arbitrary File Overwrite via Symlink Following

CVE-2020-25289 MEDIUM

AVAST SecureLine VPN < 5.6.4982.470 - Arbitrary File Write via Symbolic Link

CVE-2020-16853 HIGH

OneDrive - Elevation of Privilege via Symbolic Link Handling

Previous Page 31 of 61 Next

Details

Vulnerabilities 1,522

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy