Lucene search
K

327 matches found

Cvelist
Cvelist
added 13 hours ago10 views

CVE-2026-6851 Improper link resolution before file access in Bitdefender Total Security via Link Following (VA-13681)

An Improper link resolution before file access 'link following' vulnerability in the File Shredder module as used in Bitdefender Total Security and Internet Security on Windows allows a less-privileged local user to elevate rights by leveraging a race conditions via Symbolic Links. This issue...

7CVSS
Exploits0References1
EUVD
EUVD
added 13 hours ago5 views

EUVD-2026-43632

An Improper link resolution before file access 'link following' vulnerability in the File Shredder module as used in Bitdefender Total Security and Internet Security on Windows allows a less-privileged local user to elevate rights by leveraging a race conditions via Symbolic Links. This issue...

7CVSS6.1AI score
Exploits0References1
NVD
NVD
added 2026/07/07 5:16 p.m.8 views

CVE-2026-14904

AWS Research and Engineering Studio RES is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. Improper link resolution before file access issue CWE-59 in the Auth.GetUserPrivateKey API. An authenticated remot...

7.1CVSS0.00381EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/07 4:37 p.m.49 views

CVE-2026-14904 RES Auth.GetUserPrivateKey Arbitrary File Read

AWS Research and Engineering Studio RES is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS. Improper link resolution before file access issue CWE-59 in the Auth.GetUserPrivateKey API. An authenticated remot...

7.1CVSS0.00381EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/03 8:35 p.m.10 views

EUVD-2026-41579

Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...

7.4CVSS5.9AI score0.00745EPSS
Exploits0References1
CVE
CVE
added 2026/07/03 12:9 p.m.20 views

CVE-2026-44269

CVE-2026-44269 affects Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.6; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70) and is due to an improper link resolution before file access (link following). A high-privilege attacker with local access could pote...

4.4CVSS5.9AI score0.00133EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.10 views

PT-2026-55623

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper link resolution before file access, also known as link following, allows an unauthorized attacker to disclose information over a network. Recommendations At the...

7.4CVSS5.8AI score0.00745EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/22 6:47 p.m.4 views

CVE-2026-44274

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

7.8CVSS5.9AI score0.00127EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 6:47 p.m.33 views

CVE-2026-44274

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain an Improper Link Resolution Before File Access vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...

7.8CVSS0.00127EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.13 views

PT-2026-51378

Name of the Vulnerable Software and Affected Versions Dell Wyse Management Suite versions prior to 2605 Description An improper link resolution before file access allows a low privileged attacker with local access to potentially gain unauthorized access. Recommendations Update to version 2605 or...

7.8CVSS5.9AI score0.00127EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 9:47 a.m.5 views

BIT-DOTNET-2026-45491 .NET Tampering Vulnerability

Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...

6.2CVSS5.2AI score0.00388EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 11:53 a.m.9 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/11 11:53 a.m.8 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 8:32 p.m.8 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 8:29 p.m.7 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
OSV
OSV
added 2026/06/09 5:17 p.m.7 views

UBUNTU-CVE-2026-45491

Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally...

6.2CVSS5.4AI score0.00388EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 5:6 p.m.68 views

CVE-2026-42989

Winlogon Elevation of Privilege (CVE-2026-42989) is caused by improper link resolution before file access ("link following"). This vulnerability allows an authorized, local attacker to gain higher privileges. Affected: Winlogon component on Windows; impact is local privilege escalation with a CVS...

7.8CVSS5.4AI score0.02282EPSS
Exploits0References1Affected Software13
CVE
CVE
added 2026/06/09 5:4 p.m.55 views

CVE-2026-45491

CVE-2026-45491 concerns an improper link resolution before file access ('link following') in .NET, enabling a local attacker to tamper with files. The description from NVD/CVE records specifies local attack vector with low attack complexity and no user interaction, resulting in potential integrit...

6.2CVSS5.4AI score0.00388EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.19 views

Microsoft PC Manager Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00329EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/09 8:41 a.m.42 views

CVE-2026-28262

Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

6CVSS0.00095EPSS
Exploits0References1
Rows per page
Query Builder