Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,523 vulnerabilities with CWE-59

CVE-2016-1255 HIGH

postgresql-common - Privilege Escalation

CVE-2016-3108 HIGH

pulp < 2.8.2-1 - Arbitrary File Write via Symlink Attack

CVE-2016-10374 MEDIUM

perltidy < 2016-03-02 - Arbitrary File Overwrite via Symlink Attack

CVE-2016-9774 HIGH

Debian Linux - Symlink Following

CVE-2016-7619 MEDIUM

iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Arbitrary File Write via Symlink in libarchive

CVE-2016-4679 MEDIUM

iPhone OS < 10.1, macOS < 10.12.1, tvOS < 10.0.1, watchOS < 3.1 - Arbitrary File Write via libarchive Symlink

CVE-2016-6253 HIGH

NetBSD <7.0 - Local Privilege Escalation

CVE-2016-9566 HIGH

Nagios < 4.2.3 - Privilege Escalation via Symlink Attack on Log File

CVE-2016-6664 HIGH

Oracle MySQL, MariaDB, Percona Server, Percona XtraDB Cluster - Privilege Escalation via Symlink Attack

CVE-2016-1247 HIGH

nginx <1.6.2-5+deb8u3 - Privilege Escalation

CVE-2016-7490 HIGH

Teradata Studio Express 15.12.00.00 - Privilege Escalation via Insecure /tmp File Creation

CVE-2016-3096 HIGH

Fedora < 1.9.6 - Symlink Following

CVE-2015-3147 MEDIUM

Automatic Bug Reporting Tool - Arbitrary File Write via Symlink Attack

CVE-2015-1869 HIGH

Automatic Bug Reporting Tool - Privilege Escalation via Symlink Attack on var_log_messages

CVE-2015-0796 MEDIUM

open buildservice 2.4-2.4.8 - Unrestricted Upload of File with Dangerous Type via Source Service Patch Application

CVE-2015-7529 HIGH

sos 3.0-3.8 - Local Privilege Escalation via Symlink Attack on Temporary Archive File

CVE-2015-5705 HIGH

devscripts <2.15.7 - Command Injection

CVE-2015-5701 MEDIUM

mktexlsr <36855 - Local File Write

CVE-2015-5700 MEDIUM

texlive <36625 - Info Disclosure

CVE-2015-3211 MEDIUM

php-fpm - Arbitrary File Write via Symlink Attack

CVE-2015-3156 MEDIUM

OpenStack Trove < 2014.2.4 - Symlink Attack via Temporary File in Configuration Functions

CVE-2015-3149 MEDIUM

Red Hat Enterprise Linux - Arbitrary File Write via Symlink Attack in Hotspot Component

CVE-2015-3315 HIGH

ABRT raceabrt Privilege Escalation

CVE-2015-6240 HIGH

Ansible < 1.9.2 - Symlink Attack via Chroot, Jail, and Zone Connection Plugins

CVE-2015-8326 MEDIUM

IPTables-Parse <1.6 - Local File Write

Previous Page 41 of 61 Next

Details

Vulnerabilities 1,523

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy