Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVEs (1,502)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-1253 1Microsoft 8Windows 10 1703 Windows 10 1709Windows 10 1803+5 more Oct 29, 2025 Sep 11, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka...Show more An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.Show less
CVE-2019-11396 1Avira 2Free Security Suite Software Updater Nov 21, 2024 Aug 29, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by...Show more An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to obtain SYSTEM privileges. Arbitrary file creation can be achieved by abusing the SwuConfig.json file creation: an unprivileged user can replace these files by pseudo-symbolic links to arbitrary files. When an update occurs, a privileged service creates a file and sets its access rights, offering write access to the Everyone group in any directory.Show less
CVE-2018-20990 1Tar Project 1Tar Nov 21, 2024 Aug 26, 2019 N/A· v4 7.5 HIGH· v3 6.4 MEDIUM· v2 An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive.
CVE-2018-1634 1Ibm 1Informix Dynamic Server Nov 21, 2024 Aug 20, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID:...Show more IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID: 144437.Show less
CVE-2018-1633 1Ibm 1Informix Dynamic Server Nov 21, 2024 Aug 20, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434.
CVE-2018-1632 1Ibm 1Informix Dynamic Server Nov 21, 2024 Aug 20, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. IBM X-Force ID: 144432.
CVE-2018-1631 1Ibm 1Informix Dynamic Server Nov 21, 2024 Aug 20, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 1...Show more IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431.Show less
CVE-2018-1630 1Ibm 1Informix Dynamic Server Nov 21, 2024 Aug 20, 2019 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. IBM X-Force ID: 144430.
CVE-2019-1188 1Microsoft 3Windows 10 Windows Server 2016Windows Server 2019 Feb 20, 2026 Aug 14, 2019 N/A· v4 7.5 HIGH· v3 9.3 HIGH· v2 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rig...Show more A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system. The security update addresses the vulnerability by correcting the processing of shortcut LNK references.Show less
CVE-2019-5683 1Nvidia 1Gpu Driver Nov 21, 2024 Aug 6, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not che...Show more NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.Show less
CVE-2019-10152 2Libpod Project Opensuse 2Leap Libpod Nov 21, 2024 Jul 30, 2019 N/A· v4 7.2 HIGH· v3 2.6 LOW· v2 A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the h...Show more A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.Show less
CVE-2019-13382 1Techsmith 1Snagit Nov 21, 2024 Jul 26, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA...Show more UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an arbitrary folder with an arbitrary file name. TechSmith Relay Classic Recorder prior to 5.2.1 on Windows is vulnerable. The vulnerability was introduced in SnagIT Windows 12.4.1.Show less
CVE-2019-11230 1Avas!t 1Antivirus Nov 21, 2024 Jul 18, 2019 N/A· v4 4.4 MEDIUM· v3 3.6 LOW· v2 In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file,...Show more In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart.Show less
CVE-2019-13915 1B3log 1Wide Nov 21, 2024 Jul 18, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the a...Show more b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.Show less
CVE-2019-13636 1Gnu 1Patch Nov 21, 2024 Jul 17, 2019 N/A· v4 5.9 MEDIUM· v3 5.8 MEDIUM· v2 In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
CVE-2019-1130 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1703+11 more Oct 29, 2025 Jul 15, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.
CVE-2019-1129 1Microsoft 8Windows 10 1703 Windows 10 1709Windows 10 1803+5 more Oct 29, 2025 Jul 15, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130.
CVE-2019-1074 1Microsoft 3Windows 10 Windows Server 2016Windows Server 2019 Nov 21, 2024 Jul 15, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability c...Show more An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1082.Show less
CVE-2019-12573 1Londontrustmedia 1Private Internet Access Vpn Client Nov 21, 2024 Jul 11, 2019 N/A· v4 7.1 HIGH· v3 6.6 MEDIUM· v2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid...Show more A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpn_launcher binary is setuid root. This binary supports the --log option, which accepts a path as an argument. This parameter is not sanitized, which allows a local unprivileged user to overwrite arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.Show less
CVE-2019-12571 1Londontrustmedia 1Private Internet Access Vpn Client Nov 21, 2024 Jul 11, 2019 N/A· v4 7.1 HIGH· v3 6.6 MEDIUM· v2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates...Show more A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.Show less

Previous 1...454647...76 Next