Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,523 vulnerabilities with CWE-59

CVE-2015-7724 HIGH

AMD fglrx-driver <15.9 - Privilege Escalation

CVE-2015-7723 HIGH

AMD fglrx-driver <15.7 - Privilege Escalation

CVE-2015-8860 HIGH

Nodejs Node.js < 1.8.4 - Symlink Following

CVE-2015-0858 LOW

Debian Linux - Symlink Following

CVE-2015-6566 HIGH

Zarafa Collaboration Platform < 7.2.1 - Privilege Escalation via Symlink Attack on /tmp/zarafa-vacation-*

CVE-2015-7758 LOW

Gummi 0.6.5 - Path Traversal

ABRT sosreport Privilege Escalation

Automatic Bug Reporting Tool < 2.7.1 - Arbitrary File Write via Symlink Attack on unpacked.cpio

dracut < 037-17.30.1 - Symlink Attack via /tmp/dracut_block_uuid.map

Apport < 2.19 - Denial of Service and Privilege Escalation via Symlink Attack on vmcore.log

lxc <1.0.8, <1.1.4 - Privilege Escalation

vzctl < 4.9.3 - Symlink Attack via VE Private Directory

Apple iOS <8.4.1 - Privilege Escalation

Apple iOS <8.4.1 - Privilege Escalation

LXC < 1.1.2 - Arbitrary File Creation via Symlink Attack on /run/lock/lxc/*

Zarafa Collaboration Platform <7.1.13, <7.2.1 - Local File Write

Opensuse < 20150322 - Symlink Following

GNU Parallel < 20150422 - Arbitrary File Write via Symlink Attack on Temporary File

CVE-2015-3629 HIGH

Libcontainer 1.6.0 - Privilege Escalation

Libcontainer <1.6.1 - Privilege Escalation

CVE-2015-1130 HIGH KEV

Apple OS X Rootpipe Privilege Escalation

ARJ Archiver < 3.10.22 - Directory Traversal via Symlink in Archive

Webmin < 1.720 - Arbitrary File Read via Symlink Attack in Read Mail Module

GNU patch <2.7.1 - Remote Code Execution

pax 1:20140703 - Arbitrary File Write via Symlink Attack

Previous Page 42 of 61 Next

Details

Vulnerabilities 1,523

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy