Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,500)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-44175 1Apple 1Macos Nov 3, 2025 Oct 28, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.
CVE-2024-45316 - - Oct 15, 2024 Oct 11, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary fo...Show more The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.Show less
CVE-2024-45315 - - Nov 1, 2024 Oct 11, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary fo...Show more The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack.Show less
CVE-2024-43603 1Microsoft 4Visual Studio Visual Studio 2017Visual Studio 2019+1 more Oct 17, 2024 Oct 8, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Visual Studio Collector Service Denial of Service Vulnerability
CVE-2024-43551 1Microsoft 12Windows 10 1607 Windows 10 1809Windows 10 21h2+9 more Oct 17, 2024 Oct 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Storage Elevation of Privilege Vulnerability
CVE-2024-43501 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Oct 17, 2024 Oct 8, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-38097 1Microsoft 1Azure Monitor Agent Oct 16, 2024 Oct 8, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-27458 - - Oct 7, 2024 Oct 7, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. HP is releasing mitigation for the potential vulnerability. Customers using HP Pr...Show more A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local escalation of privilege. HP is releasing mitigation for the potential vulnerability. Customers using HP Programmable Key are recommended to update HP Hotkey Support.Show less
CVE-2024-9341 2Containers Redhat 3Common Enterprise LinuxOpenshift Container Platform Dec 11, 2024 Oct 1, 2024 N/A· v4 8.2 HIGH· v3 N/A· v2 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to...Show more A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.Show less
CVE-2024-8404 1Papercut 2Papercut Mf Papercut Ng May 13, 2025 Sep 26, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Win...Show more An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder. Important: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server. Update: This CVE has been updated in May 2025 to update the fixed version and fix process. Please refer to the May 2025 Security Bulletin. Note: This CVE has been split from CVE-2024-3037.Show less
CVE-2024-45770 - - Nov 12, 2024 Sep 19, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messag...Show more A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.Show less
CVE-2024-46744 1Linux 1Linux Kernel May 12, 2026 Sep 18, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which...Show more In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason why the corrupted symlink size causes an uninitialised page is due to the following sequence of events: 1. squashfs_read_inode() is called to read the symbolic link from disk. This assigns the corrupted value 3875536935 to inode->i_size. 2. Later squashfs_symlink_read_folio() is called, which assigns this corrupted value to the length variable, which being a signed int, overflows producing a negative number. 3. The following loop that fills in the page contents checks that the copied bytes is less than length, which being negative means the loop is skipped, producing an uninitialised page. This patch adds a sanity check which checks that the symbolic link size is not larger than expected. -- V2: fix spelling mistake.Show less
CVE-2024-44178 1Apple 1Macos Apr 2, 2026 Sep 17, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to modify protected parts of the file system.
CVE-2024-44132 1Apple 1Macos Nov 4, 2025 Sep 17, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.
CVE-2024-44131 1Apple 3Ipados Iphone OsMacos Nov 4, 2025 Sep 17, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
CVE-2024-43470 1Microsoft 1Azure Network Watcher Agent Sep 17, 2024 Sep 10, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-38188 1Microsoft 1Azure Network Watcher Agent Sep 17, 2024 Sep 10, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
CVE-2024-39578 1Dell 1Powerscale Onefs Feb 20, 2026 Aug 31, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of...Show more Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.Show less
CVE-2023-43078 1Dell 346Alienware M15 R6 Firmware Alienware M15 R7 FirmwareAlienware M16 R1 Firmware+343 more Dec 19, 2024 Aug 28, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Dell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folder deletion, which could lead to Privilege Escalation or Denial of Service.
CVE-2024-5928 1Vipre 1Advanced Security Aug 23, 2024 Aug 21, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker...Show more VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Patch Management Agent. By creating a symbolic link, an attacker can abuse the agent to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22315.Show less

Previous 1...161718...75 Next