Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,525 vulnerabilities with CWE-59

Nagios Core < 3.5.1 - Arbitrary File Write via Symlink Attack on RSS Newsfeed Cache

Red Hat OpenStack - Arbitrary File Overwrite via Symlink Attack on Temporary Nagios Configuration File

CVE-2013-4392 MEDIUM

systemd < 239 - Symlink Attack via File Permission Update

Red Hat Storage 2.0 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

txt2man 1.5.5-2 1.5.5-4 - Arbitrary File Overwrite via Symlink Attack

Phusion Passenger < 4.0.6 - Privilege Escalation via Symlink Attack on Predictable /tmp Directory

Suds 0.4 - Symlink Attack via Predictable Cache File in /tmp/suds/

GNOME Display Manager < 2.21.1 - Local Privilege Escalation via Symlink Attack on /tmp/.X11-unix/

Request Tracker <3.8.17, <4.0.13 - Local Privilege Escalation

pip < 1.3 - Arbitrary File Overwrite via Symlink Attack on Temporary Directory

JBoss Enterprise Web Server 1.0.2 and 2.0.0 - Symlink Attack via Tomcat Init Script Log Files

Google Chrome OS <26.0.1410.57 - Info Disclosure

Oracle Support Tools < 4.3.2 - Arbitrary File Modification via Symlink Attack

FusionForge 5.0-5.2 - Symlink and Hard Link Attack via Multiple Scripts

CVE-2013-0261 HIGH

OpenStack Essex - Arbitrary File Write via Symlink Attack on Predictable Temporary File

HP Linux Imaging and Printing Project < 3.12.4 - Arbitrary File Write via Symlink Attack on Temporary Files

CVE-2012-1093 HIGH

Debian x11-common <7.6+12 - Privilege Escalation

CVE-2012-6114 MEDIUM

git-extras 1.7.0 - Arbitrary File Overwrite via Symlink Attack on Temporary Files

CVE-2012-2945 HIGH

Hadoop 1.0.3 - Symlink Vulnerability

systemd < 37 - Arbitrary File Write via Symlink Attack on X11 User Directory

iproute2 <3.3.0 - Local Privilege Escalation

augeas < 1.0.0 - Arbitrary File Overwrite via Symlink Attack on .augnew File

Android Debug Bridge <4.1.1 - Local Privilege Escalation

Centrify Deployment Manager 2.1.0.283 - Arbitrary File Write via Symlink Attack on Temporary Files

IBM Advanced Settings Utility & Bootable Media Creator - Arbitrary File Write via Symlink Attack

Previous Page 46 of 61 Next

Details

Vulnerabilities 1,525

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy