CWE-59: CWE-59

This vulnerability allows a low-privileged remote attacker with file access to replace a critical watchdog file, gaining read, write, and execute acce...

CVE-2025-41668 allows a low-privileged remote attacker with file access to replace critical files used by the service security-profile, gaining read, ...

This CVE describes a local privilege escalation vulnerability in Microsoft Edge where an attacker can exploit improper link resolution to gain elevate...

This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of binary-husky/gpt_academic. Attackers ca...

GPT Academic version 3.83 contains a Local File Inclusion vulnerability in its HotReload function that allows attackers to read arbitrary files on the...

This CVE describes a link following vulnerability in Qsync Central that allows remote attackers with user access to traverse the file system to uninte...

This vulnerability in HP Hotkey Support software allows local attackers to escalate privileges on affected HP systems. It affects users of HP Programm...

A macOS sandbox escape vulnerability allows malicious applications to bypass security restrictions by exploiting improper symlink handling. This affec...

This vulnerability allows attackers to elevate privileges on Windows systems running Xbox Gaming Services. An authenticated attacker could exploit thi...

This vulnerability in Minecraft Java Edition allows attackers to overwrite arbitrary files and potentially execute code by crafting malicious world da...

This vulnerability allows a remote attacker to escalate privileges on Windows systems by tricking users into running a malicious Chrome offline instal...

This vulnerability in Jenkins allows agents to access files outside their permitted directories by exploiting symbolic links. Attackers can read sensi...

This vulnerability in the Compressing library allows attackers to write files to arbitrary locations on the host filesystem by exploiting improper sym...

This vulnerability in Zillya Total Security allows low-privileged users to escalate privileges by exploiting the quarantine module's file restoration ...

This vulnerability allows a local user on IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0-10.0.6.1 and IBM Securi...

This vulnerability in Pterodactyl Wings allows attackers with existing server access to create arbitrary files and directories on the host system. Thi...

This vulnerability in Deno's file sandbox allows attackers to bypass directory restrictions via symbolic links. When Deno is run with write permission...

This vulnerability in Intel Graphics Driver installers allows authenticated local users to exploit improper link resolution (symlink attacks) to escal...

This vulnerability allows local users on Linux systems running McAfee Endpoint Security to escalate privileges to root/admin level through a race cond...

This vulnerability in NCP Secure Enterprise Client's Support Assistant allows attackers to delete arbitrary files on the operating system by exploitin...

The Jenkins CloudBees CD Plugin vulnerability allows attackers with job configuration permissions to delete arbitrary files on the Jenkins controller ...

A privilege escalation vulnerability in Check Point Identity Agent allows low-privileged users to overwrite protected system files, potentially leadin...

This vulnerability allows remote code execution when cloning malicious Git repositories on case-insensitive file systems (Windows/macOS default). Atta...

A Time-of-Check-Time-of-Use (TOCTOU) vulnerability in Quick Heal Total Security allows local attackers to escalate privileges by replacing malicious f...

This vulnerability in Softland FBackup allows local attackers to exploit a link following weakness (CWE-59) in the HID.dll library during backup/resto...

A macOS vulnerability allows malicious applications to gain root privileges through improper symlink handling. This affects macOS systems before versi...

CVE-2025-15310 is a local privilege escalation vulnerability in Tanium Patch Endpoint Tools that allows authenticated local users to gain elevated pri...

CVE-2025-15319 is a local privilege escalation vulnerability in Tanium's Endpoint Configuration Toolset Solution that allows authenticated local users...

This vulnerability allows an authenticated attacker to exploit improper link resolution in the Windows Task Host process to elevate privileges locally...

This CVE describes a local privilege escalation vulnerability in Bitdefender Total Security where low-privileged attackers can delete arbitrary files ...

This vulnerability allows an authorized attacker to exploit improper link resolution in the Host Process for Windows Tasks to elevate privileges local...

A local privilege escalation vulnerability in Razer Synapse 3's Chroma Connect SDK installer allows attackers to delete arbitrary files via symbolic l...

This vulnerability in Razer Synapse 3 allows local attackers to escalate privileges by exploiting a symbolic link issue in the Razer Synapse Service. ...

This vulnerability in AntiDupl software allows local attackers to exploit link following (symlink attack) through the Delete Duplicate Image Handler f...

This CVE describes a local privilege escalation vulnerability in XBox Gaming Services where an authorized attacker can exploit improper link resolutio...

This vulnerability allows attackers with write access to the configuration file or filesystem to replace the yt-dlp executable with malicious code or ...

This vulnerability in AWS VPN Client for macOS allows local users to escalate privileges to root by exploiting improper symlink validation during log ...