Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,522 vulnerabilities with CWE-59

CVE-2020-16851 HIGH

OneDrive - Elevation of Privilege via Symbolic Link Handling

CVE-2020-7325 MEDIUM

McAfee MVISION Endpoint < 20.9 - Privilege Escalation via Symbolic Link Manipulation

CVE-2020-7319 HIGH

McAfee Endpoint Security < 10.7.0 - Improper Access Control via Symbolic Link Manipulation

CVE-2020-24654 LOW

KDE Ark < 20.08.1 - Arbitrary File Write via Symlink in TAR Archive

CVE-2020-24955 HIGH

SUPERAntiSpyware Professional X < 10.0.1206 - Local Privilege Escalation via NTFS Directory Junction

CVE-2020-24559 HIGH

Trend Micro Apex One/Worry-Free Business Security 10.0 SP1 - RCE

CVE-2020-24556 HIGH

Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Securi...

CVE-2020-25031 HIGH

checkinstall 1.6.2 - Improper Link Resolution Before File Access

CVE-2020-14367 MEDIUM

chrony < 3.5.1 - Denial of Service via PID File Symlink Attack

CVE-2020-15861 HIGH

Net-SNMP < 5.7.3 - Privilege Escalation via Symbolic Link Following

CVE-2020-24332 MEDIUM

TrouSerS <0.3.14 - Privilege Escalation

CVE-2020-6012 HIGH

ZoneAlarm Anti-Ransomware <1.0.713 - Privilege Escalation

CVE-2020-11474 HIGH

NCP Secure Enterprise Client < 10.15 - Symbolic Link Attack via Support Assistant

CVE-2020-15932 HIGH

Overwolf < 0.149.2.30 - Privilege Escalation via Symbolic Link Mishandling

CVE-2020-9682 CRITICAL

Adobe Creative Cloud Desktop Application < 5.1 - Arbitrary File System Write via Symlink Vulnerability

CVE-2020-9670 CRITICAL

Adobe Creative Cloud Desktop Application < 5.1 - Privilege Escalation via Symlink Vulnerability

CVE-2020-3437 MEDIUM

Cisco SD-WAN vManage Software - Info Disclosure

CVE-2020-7282 HIGH

McAfee Total Protection < 16.0.R26 - Privilege Escalation via Symbolic Link Manipulation

CVE-2020-13095 HIGH

Little Snitch <4.5.1 - Privilege Escalation

CVE-2020-15401 MEDIUM

IOBit Malware Fighter Pro 8.0.2.547 - Privilege Escalation

CVE-2020-14990 HIGH

IOBit Advanced SystemCare Free <13.5.0.263 - Privilege Escalation

CVE-2020-14004 HIGH

Icinga < 2.12.0-rc1 - Symlink Attack via prepare-dirs Script

CVE-2020-2026 HIGH

Kata Containers runtime < 1.9.1 - Unauthenticated Arbitrary File Write via Filesystem Mount

CVE-2020-8103 HIGH

Bitdefender Antivirus Free <1.0.17.178 - Privilege Escalation

CVE-2020-13833 CRITICAL

Android O(8.x), P(9.0), Q(10.0) - Arbitrary File Overwrite via Symlink Attack

Previous Page 32 of 61 Next

Details

Vulnerabilities 1,522

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy