CWE-59: CWE-59

CVE-2025-15314 is an arbitrary file deletion vulnerability in Tanium's end-user-cx component that allows authenticated attackers to delete files on af...

CVE-2025-15318 is an arbitrary file deletion vulnerability in Tanium's Endpoint Configuration Toolset Solution that allows authenticated attackers to ...

An authenticated local user can exploit this improper link following vulnerability in Lenovo Vantage's SmartPerformanceAddin to delete arbitrary files...

This CVE describes a macOS vulnerability where improper symlink validation could allow an application to bypass file system protections and access sen...

This CVE describes a macOS vulnerability where improper symlink handling allows malicious applications to delete protected user data. It affects macOS...

This vulnerability in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to create symbolic links that cause the service t...

A symlink handling vulnerability in macOS allows applications to bypass file system protections and access sensitive user data. This affects macOS Seq...

This CVE describes a symlink validation vulnerability in Apple operating systems that could allow malicious apps to bypass file system protections and...

A macOS vulnerability allows malicious applications to bypass Privacy preferences by exploiting improper symlink validation. This affects macOS system...

This vulnerability in Roo Code allows attackers with write access to bypass .rooignore file protections using symbolic links, potentially exposing sen...

This CVE describes a macOS vulnerability where improper symlink handling allows applications to access sensitive user data. It affects macOS systems b...

A link following vulnerability in Trend Micro Deep Security 20.0 agents allows local attackers to create denial of service conditions. This affects sy...

This vulnerability involves inconsistent symlink handling in Go's os.OpenFile function when using O_CREATE|O_EXCL flags on Windows versus Unix systems...

This CVE describes a path handling vulnerability in macOS that allows improper symlink validation. Attackers could potentially exploit this to access ...

A symlink validation vulnerability in macOS allows applications to bypass file system protections and access protected user data. This affects macOS V...

This vulnerability allows an attacker to modify protected system files on iOS/iPadOS devices by restoring a maliciously crafted backup file containing...

This vulnerability in Windows Event Tracing allows attackers to cause a denial of service condition by sending specially crafted requests. It affects ...

This vulnerability allows malicious applications to bypass symlink validation and access sensitive user data on macOS. It affects macOS systems before...

This vulnerability in AVG AntiVirus Free allows local attackers to create a denial-of-service condition by exploiting a symbolic link handling flaw in...

This macOS vulnerability allows malicious applications to create symbolic links to protected disk regions, potentially bypassing security restrictions...

This CVE describes a symlink validation vulnerability in macOS that allows an application to bypass file system protections and modify restricted area...

This vulnerability allows malicious apps to bypass symlink validation and access sensitive user data on Apple devices. It affects iOS, iPadOS, and mac...

This vulnerability in Go's containers/common library allows attackers to exploit symbolic links when FIPS mode is enabled, potentially mounting sensit...

This CVE describes a TOCTOU race condition vulnerability in the filelock Python package's SoftFileLock implementation. Attackers with local filesystem...

This vulnerability in Zscaler Client Connector on Windows allows attackers to overwrite system files through improper link resolution. It affects all ...

CVE-2025-15328 is an improper link resolution vulnerability in Tanium Enforce that could allow attackers to access files they shouldn't be able to rea...

This CVE allows attackers who control the virt-launcher pod filesystem to change ownership of arbitrary host node files to the unprivileged UID 107 us...

This vulnerability allows attackers with local, unprivileged access to escalate privileges by exploiting improper symbolic link handling in TeamViewer...

This vulnerability allows physically present attackers to access arbitrary files on NETGEAR RAX30 routers by exploiting improper symbolic link handlin...

This CVE describes a TOCTOU vulnerability in virtualenv that allows local attackers to exploit race conditions during directory creation. Attackers ca...

This macOS vulnerability allows malicious applications to create symbolic links to protected disk regions, potentially bypassing security restrictions...

This vulnerability in Microsoft Azure File Sync allows authenticated attackers to elevate privileges within the Azure File Sync service. It affects or...

This macOS vulnerability allows malicious applications to bypass symlink protections and access protected user data. It affects macOS systems before s...

Intego Personal Backup for macOS contains a local privilege escalation vulnerability where non-privileged users can write malicious backup task files ...

This vulnerability in TP-Link VX800v v1.0 SFTP service allows authenticated attackers on the same network to create symbolic links that bypass directo...

This vulnerability allows an attacker with physical access to a TP-Link VX800v v1.0 device to read system files by connecting a specially crafted USB ...

This vulnerability allows local low-privileged attackers to achieve arbitrary file writes or deletions on Windows systems by exploiting insecure tempo...

A symlink vulnerability in Revenera InstallShield allows local administrators to cause denial of service during uninstallation. When removing a user-w...