CWE-59: CWE-59

This CVE describes a privilege escalation vulnerability in Apple operating systems where improper symlink handling allows malicious applications to ga...

This CVE describes a link following vulnerability in Trend Micro Apex One security agent that allows a local attacker to escalate privileges on affect...

This CVE describes a link following vulnerability in Trend Micro Apex One security agent that allows a local attacker to escalate privileges on affect...

This vulnerability in Trend Micro Apex One agent allows a local attacker with low-privileged code execution to abuse the updater to delete arbitrary f...

This CVE describes a link following vulnerability in Trend Micro Deep Security 20.0 and Cloud One - Endpoint and Workload Security Agent that allows l...

This CVE describes an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to gain SYSTEM-level privileges on aff...

This vulnerability allows a malicious buildkite-agent user to change ownership of arbitrary directories via a symbolic link attack in the fix-buildkit...

CVE-2023-36391 is a local privilege escalation vulnerability in Windows Local Security Authority Subsystem Service (LSASS) that allows authenticated a...

This vulnerability in Zoom Rooms for macOS allows authenticated users with local access to escalate privileges through improper link following. Attack...

This Windows Installer vulnerability allows attackers to elevate privileges on affected systems by exploiting improper handling of file operations. It...

This Windows authentication vulnerability allows attackers to elevate privileges on affected systems. An authenticated attacker could exploit this to ...

This vulnerability allows an authenticated attacker with local access to an Azure virtual machine to elevate privileges to SYSTEM level through the Ne...

This vulnerability in the Windows Runtime C++ Template Library allows an authenticated attacker to execute arbitrary code with elevated privileges on ...

This vulnerability in Windows Container Manager Service allows an authenticated attacker to gain SYSTEM-level privileges by exploiting improper link r...

This critical vulnerability in ChromeOS allowed attackers to perform arbitrary read/write operations via malicious files, potentially leading to syste...

CVE-2023-36874 is a local privilege escalation vulnerability in the Windows Error Reporting Service that allows authenticated attackers to gain SYSTEM...

This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a flaw in Windows Image Acquisition...

This is a Windows privilege escalation vulnerability in the Connected User Experiences and Telemetry service. It allows authenticated attackers to gai...

This Windows Installer vulnerability allows attackers to gain SYSTEM-level privileges by exploiting improper handling of symbolic links. It affects Wi...

This vulnerability allows an authenticated attacker to elevate privileges on Windows Server Update Service (WSUS) servers. Attackers could gain SYSTEM...

This vulnerability allows an authenticated attacker to gain SYSTEM-level privileges on Windows systems by exploiting a flaw in the Container Manager S...

CVE-2023-33865 is a local privilege escalation vulnerability in RenderDoc that allows attackers to gain elevated privileges via symlink attacks. It af...

This vulnerability allows a local attacker on Windows systems to escalate privileges by exploiting insufficient data validation in Google Chrome's ins...

This vulnerability in Wacom Tablet Driver installer for macOS allows arbitrary code execution with root privileges when a user is tricked into running...

This vulnerability in Sysinternals Sysmon for Windows allows attackers to elevate privileges from a low-privileged user to SYSTEM level. It affects Wi...

This vulnerability in Malwarebytes AdwCleaner 8.4.0 allows non-admin users to escalate privileges to SYSTEM by exploiting an insecure file deletion op...

This vulnerability in Malwarebytes allows attackers to delete arbitrary files via symbolic link exploitation in the local quarantine system. It affect...

This vulnerability in Microsoft OneDrive for macOS allows an attacker to gain elevated privileges on the system. An authenticated attacker could explo...

This CVE describes a local privilege escalation vulnerability in Trend Micro Apex One's scanning function. An attacker with low-privileged access can ...

This vulnerability in Trend Micro Apex One allows a local attacker with low-privileged access to escalate privileges by manipulating file links. Attac...

This CVE describes a local privilege escalation vulnerability in Yandex Browser for Windows. A local attacker with low privileges can manipulate symbo...

This vulnerability allows a local attacker with low privileges to execute arbitrary code with SYSTEM privileges by manipulating symbolic links during ...

This vulnerability in ABB Drive Composer allows low-privileged users to create and write arbitrary files anywhere on the file system with SYSTEM privi...

This vulnerability in ABB Drive Composer allows low-privileged users to create and write arbitrary files anywhere on the file system with SYSTEM privi...

This macOS vulnerability allows malicious applications to bypass symlink validation and gain elevated privileges. It affects macOS Monterey versions b...

This vulnerability in Trend Micro Password Manager allows a local attacker with low privileges to delete arbitrary folder contents with SYSTEM-level p...

This vulnerability in Beego's MemProf function allows local attackers to perform symlink attacks, potentially overwriting arbitrary files on the syste...

This vulnerability allows a local attacker with low-privileged code execution to escalate privileges by creating mount points and deleting arbitrary f...

CVE-2021-44730 is a privilege escalation vulnerability in snapd where improper validation of the snap-confine binary location allows local attackers t...

This vulnerability allows an authenticated attacker to exploit the Windows User Profile Service to gain SYSTEM privileges on affected Windows systems....

This vulnerability allows an authenticated attacker to execute code with SYSTEM privileges on Windows systems by exploiting improper link resolution i...

This vulnerability allows a remote attacker to escalate privileges on Windows systems running vulnerable versions of Google Chrome. By tricking a user...

This vulnerability in Acronis True Image 2020 allows unprivileged users to escalate privileges to SYSTEM by exploiting improper access controls in the...

This CVE describes a local privilege escalation vulnerability in McAfee Total Protection's File Lock component. A local user can manipulate symbolic l...

CVE-2020-28007 is a privilege escalation vulnerability in Exim mail servers where an attacker can create symbolic or hard links in the log directory t...

CVE-2021-28321 is an elevation of privilege vulnerability in Microsoft's Diagnostics Hub Standard Collector Service. It allows authenticated attackers...

CVE-2021-30463 is a local privilege escalation vulnerability in VestaCP that allows attackers to gain admin privileges by exploiting symlink creation ...

A local privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows allows low-privileged attackers to load arbitrary DLLs via...

CVE-2021-26889 is an elevation of privilege vulnerability in the Windows Update Stack that allows authenticated attackers to execute arbitrary code wi...

Western Digital My Cloud OS 5 devices before version 5.10.122 have a symbolic link following vulnerability in SMB and AFP shares. This allows attacker...