CWE-59: CWE-59

This vulnerability allows a local user on a Windows system to escalate privileges to SYSTEM level and delete arbitrary files, potentially causing deni...

This vulnerability in Google Chrome's Cryptohome component allows a local attacker to escalate operating system privileges through a specially crafted...

This CVE-2020-16939 is a Windows Group Policy privilege escalation vulnerability where improper access checks allow authenticated attackers to run pro...

Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability where the application follows symbolic links when creating support...

CVE-2022-22262 is a local privilege escalation vulnerability in ROG Live Service where improper symbolic link handling allows unauthenticated local at...

CVE-2025-8959 is a symlink attack vulnerability in HashiCorp's go-getter library that allows attackers to read files outside the intended download dir...

CVE-2025-25185 is a path traversal vulnerability in GPT Academic that allows attackers to read arbitrary files on the server by exploiting improper sy...

HashiCorp's go-slug library is vulnerable to a zip-slip attack when extracting tar archives with non-existing user-provided paths. This allows attacke...

This macOS vulnerability allows websites to access sensitive user data through improper symlink resolution. It affects macOS Monterey, Ventura, and So...

This vulnerability allows attackers to access sensitive system configuration files via path traversal in the TechView LA-5570 Wireless Gateway. Attack...

A local privilege escalation vulnerability in cloudflared's Windows 32-bit installer allows attackers without administrative rights to delete or repla...

This vulnerability in the Iris web framework allows attackers to perform directory traversal attacks during file uploads. By manipulating file names i...

This vulnerability in Huawei smartphones allows attackers to access and modify files through improper symlink handling during backup restoration. Atta...

This vulnerability in the Rust tar crate allows attackers to create arbitrary directories outside the intended extraction path when processing TAR arc...

This CVE describes a remote code execution vulnerability in Microsoft Windows shortcut (.LNK) file processing. An attacker can execute arbitrary code ...

A local privilege escalation vulnerability in Tencent iOA for Windows allows authenticated local users to execute programs with elevated privileges by...

This vulnerability in MSP360 Free Backup allows local attackers to escalate privileges to SYSTEM by exploiting a link following flaw in the restore fu...

Dell Encryption versions before 11.12.1 contain a link-following vulnerability that allows local attackers to escalate privileges. This affects system...

This vulnerability allows a local malicious user to exploit improper link resolution in Dell Encryption and Dell Security Management Server, potential...

This vulnerability allows an authorized attacker to exploit improper link resolution in Windows Performance Recorder, enabling local denial of service...

This vulnerability allows an authorized attacker on a Windows system to exploit improper link resolution in the Windows Recovery Driver, enabling loca...

This Windows Installer vulnerability allows attackers to elevate privileges on affected systems by exploiting improper handling of symbolic links. It ...

This vulnerability in Foxit PDF Reader allows local attackers to escalate privileges from low-privileged user accounts to SYSTEM level by exploiting a...

CVE-2024-22038 is a vulnerability in obs-scm-bridge that allows attackers to leak sensitive information or cause denial of service by creating special...

This vulnerability in Azure Network Watcher VM Agent allows authenticated attackers to elevate privileges on affected virtual machines. Attackers coul...

This vulnerability allows attackers to elevate privileges on systems running affected .NET, .NET Framework, or Visual Studio installations. An authent...

This vulnerability allows an authenticated attacker to gain SYSTEM-level privileges on Windows servers running the File Server Resource Management Ser...

This vulnerability in Azure Connected Machine Agent allows an authenticated attacker to elevate privileges on affected systems. Attackers could gain S...

CVE-2022-38604 is an arbitrary file deletion vulnerability in Wacom tablet drivers for Windows. Attackers can delete arbitrary files on affected syste...

This vulnerability in Trend Micro Antivirus for Mac allows attackers with low-level system privileges to create symbolic links that can lead to privil...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files by exploiting symbolic links or FIFOs. When used by...

CVE-2021-32555 is a path traversal vulnerability in Apport's read_file() function that follows symbolic links and opens FIFOs, potentially exposing se...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files by exploiting symbolic links or FIFOs. It affects U...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files by exploiting symbolic links or FIFOs. It affects U...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files via symbolic link or FIFO manipulation. When exploi...

This CVE describes a privilege escalation vulnerability in GitHub Enterprise Server where authenticated enterprise administrators could gain root SSH ...

This vulnerability in SonicWall NetExtender Windows client allows attackers to manipulate file paths through improper link resolution, potentially lea...

CVE-2024-57728 is a path traversal vulnerability in SimpleHelp remote support software that allows authenticated admin users to upload arbitrary files...

This vulnerability allows attackers to manipulate symbolic links to access arbitrary files on macOS systems running vulnerable versions of HYPR Workfo...

Zed code editor versions before 0.225.9 have a symlink escape vulnerability that allows reading and writing files outside the project directory when s...

A local privilege escalation vulnerability in Fortinet FortiClient for Windows allows low-privileged attackers to write arbitrary files with elevated ...

A path traversal vulnerability in SIR 1.0.3 and earlier allows authenticated non-admin local users to overwrite system files by manipulating backup fi...

This vulnerability in the gluon-cv library allows attackers to overwrite arbitrary files on a victim's system through a TarSlip attack. When the Image...

This CVE describes a local privilege escalation vulnerability in Microsoft Windows where an attacker with existing access can exploit improper link re...

This vulnerability allows an authenticated attacker to exploit Windows Setup cleanup processes to gain SYSTEM privileges on affected systems. It affec...

This Windows Storage Elevation of Privilege vulnerability allows authenticated attackers to gain SYSTEM-level privileges by exploiting improper handli...

This vulnerability allows an authenticated attacker with local access to a virtual machine to elevate privileges to SYSTEM level through the Azure Net...

This CVE describes an elevation of privilege vulnerability in Azure Monitor Agent that allows authenticated attackers to gain higher privileges on aff...

This vulnerability allows an attacker to exploit improper link resolution in Zscaler Client Connector on macOS, enabling them to overwrite system file...

CVE-2023-36399 is an elevation of privilege vulnerability in Windows Storage that allows authenticated attackers to gain SYSTEM-level privileges on af...