CWE-59— Improper Link Resolution Before File Access (Link Following)
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.— MITRE CWE catalog
1,471 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-59page 23 of 30
- CVE-2024-38013MEDIUMCVSS 6.7EG 6.72024-07-09
Microsoft Windows Server Backup Elevation of Privilege Vulnerability
- CVE-2024-38022HIGHCVSS 7.0EG 7.02024-07-09
Windows Image Acquisition Elevation of Privilege Vulnerability
- CVE-2024-38081HIGHCVSS 7.3EG 7.32024-07-09
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
- CVE-2024-38084HIGHCVSS 7.8EG 7.82024-08-13
Microsoft OfficePlus Elevation of Privilege Vulnerability
- CVE-2024-38097HIGHCVSS 7.1EG 7.12024-10-08
Azure Monitor Agent Elevation of Privilege Vulnerability
- CVE-2024-38098HIGHCVSS 7.8EG 7.82024-08-13
Azure Connected Machine Agent Elevation of Privilege Vulnerability
- CVE-2024-38188HIGHCVSS 7.1EG 7.12024-09-10
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
- CVE-2024-3829CRITICALCVSS 9.1EG 9.12024-06-03
qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file rea…
- CVE-2024-39578MEDIUMCVSS 6.3EG 6.32024-08-31
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, informatio…
- CVE-2024-43470HIGHCVSS 7.3EG 7.32024-09-10
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
- CVE-2024-43501HIGHCVSS 7.8EG 7.82024-10-08
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2024-43551HIGHCVSS 7.8EG 7.82024-10-08
Windows Storage Elevation of Privilege Vulnerability
- CVE-2024-43603MEDIUMCVSS 5.5EG 5.52024-10-08
Visual Studio Collector Service Denial of Service Vulnerability
- CVE-2024-44131MEDIUMCVSS 5.5EG 5.52024-09-17
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
- CVE-2024-44132HIGHCVSS 8.8EG 8.42024-09-17
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.
- CVE-2024-44175MEDIUMCVSS 5.5EG 5.52024-10-28
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.
- CVE-2024-44178MEDIUMCVSS 5.5EG 5.52024-09-17
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to modify protected parts of the file system.
- CVE-2024-44211MEDIUMCVSS 5.5EG 7.52024-12-20
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
- CVE-2024-44258HIGHCVSS 7.1EG 7.12024-10-28
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup file may lead to modification of pr…
- CVE-2024-44264MEDIUMCVSS 5.5EG 5.52024-10-28
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious app may be able to create symlinks to protected regions of the disk.
- CVE-2024-44273MEDIUMCVSS 5.5EG 5.52024-10-28
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicious app may be able to access private inf…
- CVE-2024-4454HIGHCVSS 7.8EG 7.32024-05-22
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User in…
- CVE-2024-45315MEDIUMCVSS 5.5EG 5.52024-10-11
The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, po…
- CVE-2024-45316HIGHCVSS 7.8EG 7.82024-10-11
The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, po…
- CVE-2024-45418MEDIUMCVSS 5.4EG 5.42025-02-25
Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.
- CVE-2024-45770MEDIUMCVSS 4.4EG 4.42024-09-19
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. U…
- CVE-2024-46744HIGHCVSS 7.8EG 7.82024-09-18
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately cause…
- CVE-2024-4712HIGHCVSS 7.8EG 6.02024-05-14
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist …
- CVE-2024-47480HIGHCVSS 7.8EG 7.82024-12-18
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege attacker with local access may exploit this vulnerability, potentially resulting in Elevation…
- CVE-2024-48862CRITICALCVSS 9.8EG 9.82024-11-22
A link following vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected file…
- CVE-2024-49051HIGHCVSS 7.8EG 7.82024-11-12
Microsoft PC Manager Elevation of Privilege Vulnerability
- CVE-2024-49059HIGHCVSS 7.0EG 7.02024-12-12
Microsoft Office Elevation of Privilege Vulnerability
- CVE-2024-49107HIGHCVSS 7.3EG 7.32024-12-12
WmsRepair Service Elevation of Privilege Vulnerability
- CVE-2024-50404HIGHCVSS 8.8EG 8.82024-12-06
A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed …
- CVE-2024-5102HIGHCVSS 7.0EG 7.02024-06-10
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (se…
- CVE-2024-51721HIGHCVSS 7.3EG 7.32024-11-12
A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would…
- CVE-2024-52050HIGHCVSS 7.8EG 7.82024-12-31
A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged co…
- CVE-2024-52522MEDIUMCVSS 5.4EG 5.42024-11-15
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indi…
- CVE-2024-52535HIGHCVSS 7.1EG 7.12024-12-25
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component. A low-privileged authe…
- CVE-2024-52537MEDIUMCVSS 6.3EG 6.32024-12-11
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
- CVE-2024-52542MEDIUMCVSS 4.4EG 4.42024-12-17
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering.
- CVE-2024-52561HIGHCVSS 7.8EG 7.82025-06-03
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the…
- CVE-2024-53691HIGHCVSS 8.8EG 8.82024-12-06
A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations…
- CVE-2024-54189HIGHCVSS 7.8EG 7.82025-06-03
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By …
- CVE-2024-54554MEDIUMCVSS 5.5EG 5.52025-08-29
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.
- CVE-2024-56074MEDIUMCVSS 5.5EG 5.52024-12-15
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.
- CVE-2024-5742MEDIUMCVSS 6.7EG 4.72024-06-12
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a…
- CVE-2024-57728HIGHCVSS 7.2EG 9.0⚠ KEV2025-01-15
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in t…
- CVE-2024-5928HIGHCVSS 7.8EG 7.82024-08-21
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain t…
- CVE-2024-6147HIGHCVSS 7.8EG 7.82024-06-20
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to …
Map vulnerabilities like CWE-59 to your infrastructure
EchelonGraph correlates every CVE — across CWE-59 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →