Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,501)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-21432 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Nov 29, 2024 Mar 12, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-23285 1Apple 1Macos Apr 2, 2026 Mar 8, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk.
CVE-2024-0068 1Hypr 1Workforce Access Mar 4, 2025 Feb 29, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1.
CVE-2023-42942 1Apple 6Ipad Os IpadosIphone Os+3 more Nov 4, 2025 Feb 21, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious ap...Show more This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.Show less
CVE-2024-21397 1Microsoft 1Azure File Sync Nov 21, 2024 Feb 13, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVE-2024-21329 1Microsoft 1Azure Connected Machine Agent Nov 21, 2024 Feb 13, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2024-1329 1Hashicorp 1Nomad Nov 21, 2024 Feb 8, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerability, CVE-2024-1329,...Show more HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerability, CVE-2024-1329, is fixed in Nomad 1.7.4, 1.6.7, and 1.5.14.Show less
CVE-2023-32474 1Dell 1Display Manager Nov 21, 2024 Feb 6, 2024 N/A· v4 6.6 MEDIUM· v3 N/A· v2 Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leadin...Show more Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion Show less
CVE-2023-32454 1Dell 1Update Package Framework Nov 21, 2024 Feb 6, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to d...Show more DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service Show less
CVE-2023-7216 2Gnu Redhat 2Cpio Enterprise Linux Feb 25, 2026 Feb 5, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver...Show more A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.Show less
CVE-2023-52138 1Mate Desktop 1Engrampa Feb 13, 2025 Feb 5, 2024 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution (RCE) on the target. While hand...Show more Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can be leveraged to achieve full Remote Command Execution (RCE) on the target. While handling CPIO archives, the Engrampa Archive manager follows symlink, cpio by default will follow stored symlinks while extracting and the Archiver will not check the symlink location, which leads to arbitrary file writes to unintended locations. When the victim extracts the archive, the attacker can craft a malicious cpio or ISO archive to achieve RCE on the target system. This vulnerability was fixed in commit 63d5dfa.Show less
CVE-2023-52338 1Trendmicro 2Deep Security Deep Security Agent Nov 21, 2024 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Plea...Show more A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2023-52094 1Trendmicro 1Apex One Jun 20, 2025 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installation...Show more An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2023-52092 1Trendmicro 1Apex One Jun 20, 2025 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute lo...Show more A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2023-52091 1Trendmicro 1Apex One Jun 20, 2025 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to exec...Show more An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2023-52090 1Trendmicro 1Apex One Jun 20, 2025 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute lo...Show more A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2023-47192 1Trendmicro 1Apex One Jun 17, 2025 Jan 23, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute l...Show more An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2023-6336 1Hypr 1Workforce Access Nov 21, 2024 Jan 16, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
CVE-2023-6335 1Hypr 1Workforce Access Nov 21, 2024 Jan 16, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
CVE-2023-42137 1Paxtechnology 1Paydroid Nov 21, 2024 Jan 15, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the...Show more PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the device in order to exploit this vulnerability.Show less

Previous 1...202122...76 Next