Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,502)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-3690 1Opensuse 1Leap Nov 21, 2024 Dec 5, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control...Show more The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.Show less
CVE-2019-3750 1Dell 1Command Update Nov 21, 2024 Dec 3, 2019 N/A· v4 5.5 MEDIUM· v3 3.6 LOW· v2 Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files...Show more Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly.Show less
CVE-2019-3749 1Dell 1Command Update Nov 21, 2024 Dec 3, 2019 N/A· v4 5.5 MEDIUM· v3 3.6 LOW· v2 Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files...Show more Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\ICProgress\Dell_InventoryCollector_Progress.xml" to any targeted file. This issue occurs because permissions on the Temp directory were set incorrectly.Show less
CVE-2011-3632 3Debian Hardlink ProjectRedhat 3Debian Linux Enterprise LinuxHardlink Nov 21, 2024 Nov 26, 2019 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.
CVE-2011-3351 1Openvas 1Openvas Scanner Nov 21, 2024 Nov 25, 2019 N/A· v4 7.1 HIGH· v3 6.6 MEDIUM· v2 openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink...Show more openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system.Show less
CVE-2019-17445 1Eracent 6Eda Agent Epa AgentEpm Agent+3 more Nov 21, 2024 Nov 22, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other...Show more An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following.Show less
CVE-2019-19191 1Shibboleth 1Service Provider Nov 21, 2024 Nov 21, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to ro...Show more Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by the service user (the shibd account) after installation. This allows the user to escalate to root by pointing symlinks to files such as /etc/shadow.Show less
CVE-2014-1938 1Rply Project 1Rply Nov 21, 2024 Nov 21, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 python-rply before 0.7.4 insecurely creates temporary files.
CVE-2011-2924 3Debian FedoraprojectLinuxfoundation 3Debian Linux FedoraFoomatic Filters Nov 21, 2024 Nov 19, 2019 N/A· v4 5.5 MEDIUM· v3 3.3 LOW· v2 foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduc...Show more foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.Show less
CVE-2011-2923 2Debian Linuxfoundation 2Debian Linux Foomatic Filters Nov 21, 2024 Nov 19, 2019 N/A· v4 5.5 MEDIUM· v3 3.3 LOW· v2 foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct s...Show more foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.Show less
CVE-2008-7273 1Getfiregpg 1Iceweasel Firegpg Nov 21, 2024 Nov 18, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.
CVE-2011-1136 2Debian Tesseract Project 2Debian Linux Tesseract Nov 21, 2024 Nov 14, 2019 N/A· v4 4.7 MEDIUM· v3 6.3 MEDIUM· v2 In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
CVE-2010-4817 2Debian Pithos Project 2Debian Linux Pithos Nov 21, 2024 Nov 13, 2019 N/A· v4 5.5 MEDIUM· v3 3.6 LOW· v2 pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.
CVE-2019-18837 2Crun Project Fedoraproject 2Crun Fedora Nov 21, 2024 Nov 13, 2019 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and lib...Show more An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.Show less
CVE-2013-4655 1Belkin 1N900 Firmware Nov 21, 2024 Nov 13, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.
CVE-2010-3095 1Mailscanner 1Mailscanner Nov 21, 2024 Nov 12, 2019 N/A· v4 4.7 MEDIUM· v3 3.3 LOW· v2 mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313.
CVE-2019-1425 1Microsoft 2Visual Studio 2017 Visual Studio 2019 Nov 21, 2024 Nov 12, 2019 N/A· v4 6.5 MEDIUM· v3 5.8 MEDIUM· v2 An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'.
CVE-2019-1423 1Microsoft 1Windows 10 Nov 21, 2024 Nov 12, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1...Show more An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1422.Show less
CVE-2019-1422 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Nov 21, 2024 Nov 12, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019...Show more An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423.Show less
CVE-2019-1385 1Microsoft 6Windows 10 1709 Windows 10 1803Windows 10 1809+3 more Oct 29, 2025 Nov 12, 2019 N/A· v4 7.8 HIGH· v3 6.1 MEDIUM· v2 An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated att...Show more An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.Show less

Previous 1...434445...76 Next