Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,500)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-30642 1Trendmicro 1Deep Security Agent Sep 9, 2025 Jun 17, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain...Show more A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2025-30641 1Trendmicro 1Deep Security Agent Sep 9, 2025 Jun 17, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must...Show more A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2025-30640 1Trendmicro 1Deep Security Agent Sep 9, 2025 Jun 17, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute...Show more A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2025-49157 1Trendmicro 1Apex One Sep 9, 2025 Jun 17, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability...Show more A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2025-49156 1Trendmicro 1Apex One Sep 9, 2025 Jun 17, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute...Show more A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2025-0913 1Golang 1Go Aug 8, 2025 Jun 11, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 os.OpenFile(path, os.O_CREATE\|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windo...Show more os.OpenFile(path, os.O_CREATE\|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.Show less
CVE-2025-33075 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 9, 2025 Jun 10, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-32721 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jul 10, 2025 Jun 10, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-5474 12brightsparks 1Syncbackfree Aug 18, 2025 Jun 6, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker mu...Show more 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. User interaction on the part of an administrator is also required. The specific flaw exists within the Mirror functionality. By creating a junction, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-26962.Show less
CVE-2025-36564 1Dell 1Encryption Jan 15, 2026 Jun 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation.
CVE-2024-54189 1Parallels 1Parallels Desktop Jul 2, 2025 Jun 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by...Show more A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary file, potentially leading to privilege escalation.Show less
CVE-2024-52561 1Parallels 1Parallels Desktop Jul 2, 2025 Jun 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies t...Show more A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.Show less
CVE-2024-36486 1Parallels 1Parallels Desktop Jul 2, 2025 Jun 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restored, the prl_vmarchiver t...Show more A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restored, the prl_vmarchiver tool decompresses the file and writes the content back to its original location using root privileges. An attacker can exploit this process by using a hard link to write to an arbitrary file, potentially resulting in privilege escalation.Show less
CVE-2024-11857 - - Jun 2, 2025 Jun 2, 2025 8.5 HIGH· v4 7.8 HIGH· v3 N/A· v2 Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with regular privileges can create a symbolic link with the same name as a specific file, causing the product to delete arbitrary fil...Show more Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with regular privileges can create a symbolic link with the same name as a specific file, causing the product to delete arbitrary files pointed to by the link. Subsequently, attackers can leverage arbitrary file deletion to privilege escalation.Show less
CVE-2025-31198 1Apple 1Macos Apr 2, 2026 May 29, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A path handling issue was addressed with improved validation.
CVE-2025-47181 1Microsoft 1Edge Update Jul 8, 2025 May 22, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
CVE-2025-2102 - - May 21, 2025 May 21, 2025 5.7 MEDIUM· v4 N/A· v3 N/A· v2 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1.
CVE-2025-3908 1Openvpn 1Openvpn3linux Jun 12, 2025 May 19, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destina...Show more The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory.Show less
CVE-2025-4211 - - May 16, 2025 May 16, 2025 7.3 HIGH· v4 N/A· v3 N/A· v2 Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue origina...Show more Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially allows Symlink Attacks and the use of Malicious Files. Issue originates from CVE-2024-38081. The vulnerability arises from the use of the GetTempPath API, which can be exploited by attackers to manipulate temporary file paths, potentially leading to unauthorized access and privilege escalation. The affected public API in the Qt Framework is QDir::tempPath() and anything that uses it, such as QStandardPaths with TempLocation, QTemporaryDir, and QTemporaryFile.This issue affects all version of Qt up to and including 5.15.18, from 6.0.0 through 6.5.8, from 6.6.0 through 6.8.1. It is fixed in Qt 5.15.19, Qt 6.5.9, Qt 6.8.2, 6.9.0Show less
CVE-2025-20003 - - May 16, 2025 May 13, 2025 7.3 HIGH· v4 8.2 HIGH· v3 N/A· v2 Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

Previous 1...101112...75 Next