Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,523 vulnerabilities with CWE-59

CVE-2019-18658 CRITICAL

Helm 2.0.0-2.15.1 - Symlink Following and Denial of Service via Malicious Chart

CVE-2019-18645 MEDIUM

Total Defense Anti-virus <11.5.2.28 - Privilege Escalation

CVE-2019-18466 MEDIUM

libpod < 1.6.0 - Arbitrary File Overwrite via Symlink Resolution in Host Copy Operation

CVE-2019-15627 HIGH

Trend Micro Deep Security Agent 10.0, 11.0, 12.0 - Arbitrary File Deletion via Improper Link Resolution

CVE-2019-1339 HIGH

Windows Error Reporting < - Privilege Escalation

CVE-2019-1317 HIGH

Windows 10 and Windows Server 2016/2019 - Denial of Service via Hard Link Handling

CVE-2019-1315 HIGH KEV

Windows Error Reporting < - Privilege Escalation

CVE-2019-12672 MEDIUM

Cisco IOS XE - Authenticated Local Code Execution via USB Device File Placement

CVE-2019-1280 HIGH

Windows - Remote Code Execution via .LNK File Processing

CVE-2019-1270 MEDIUM

Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via Symbolic Link Attack on WindowsApps Directory

CVE-2019-1267 HIGH

Microsoft Windows - Elevation of Privilege via Symbolic Link Attack in Compatibility Appraiser

CVE-2019-1253 HIGH KEV

Windows 10 1703-1903 and Windows Server 1803-2019 - Privilege Escalation via AppX Deployment Server Junction Handling

CVE-2019-11396 HIGH

Avira Free Security Suite 10 - Privilege Escalation

CVE-2019-1188 HIGH

Windows 10 and Windows Server 2016/2019 - Remote Code Execution via Malicious LNK File Processing

CVE-2019-5683 HIGH

NVIDIA Windows GPU Display Driver - Improper Link Resolution in User Mode Video Driver Trace Logger

CVE-2019-10152 HIGH

libpod < 1.4.0 - Path Traversal and Arbitrary File Write via Symlink Handling

CVE-2019-13382 HIGH

Snagit 2019.1.2 - Privilege Escalation via Symbolic Link in InvalidPresentations

CVE-2019-11230 MEDIUM

Avast Antivirus < 19.4 - Arbitrary File Rename via Symlink Attack on Update.log

CVE-2019-13915 HIGH

b3log Wide < 1.6.0 - Arbitrary File Read and Write via Editor Code Execution, Symlink in ZIP, or Git Repository Import

CVE-2019-13636 MEDIUM

GNU patch < 2.7.6 - Improper Link Resolution in inp.c and util.c

CVE-2019-1130 HIGH KEV

Windows AppX Deployment Service - Privilege Escalation

CVE-2019-1129 HIGH KEV

Windows AppXSVC - Privilege Escalation

CVE-2019-1074 MEDIUM

Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via Symbolic Link Attack

CVE-2019-12573 HIGH

Private Internet Access VPN Client v82 - Authenticated Arbitrary File Overwrite via openvpn_launcher Log Option

CVE-2019-12571 HIGH

Private Internet Access VPN Client v0.9.8 beta - Authenticated Arbitrary File Overwrite

Previous Page 36 of 61 Next

Details

Vulnerabilities 1,523

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy