Windows Performance Recorder (WPR) Denial of Service Vulnerability

Improper link resolution before file access 'link following' in Windows Performance Recorder allows an authorized attacker to deny service locally...

Windows AppX Deployment Service Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally...

Azure Service Fabric Runtime Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Service Fabric allows an authorized attacker to elevate privileges locally...

Visual Studio Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Visual Studio allows an unauthorized attacker to elevate privileges over a network...

Windows Update Service Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows Update Service allows an authorized attacker to elevate privileges locally...

Microsoft PC Manager Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...

PT-2025-28625

Name of the Vulnerable Software and Affected Versions: Visual Studio affected versions not specified Description: The issue concerns improper link resolution before file access, also known as 'link following', which allows an unauthorized attacker to elevate privileges over a network...

PT-2025-28551 · Microsoft · Windows Appx Deployment Server +1

Name of the Vulnerable Software and Affected Versions: Windows AppX Deployment Service affected versions not specified Description: The issue is related to improper link resolution before file access, also known as 'link following', in the Windows AppX Deployment Service. This allows an authorize...

PT-2025-28504 · Microsoft · Service Fabric

Name of the Vulnerable Software and Affected Versions: Service Fabric affected versions not specified Description: The issue concerns improper link resolution before file access, also known as 'link following', which allows an authorized attacker to elevate privileges locally. This could...

PT-2025-28578 · Microsoft · Windows Performance Recorder +1

Name of the Vulnerable Software and Affected Versions: Windows Performance Recorder affected versions not specified Description: The issue is related to improper link resolution before file access, also known as 'link following', in Windows Performance Recorder. This allows an authorized attacker...

PT-2025-28624 · Microsoft · Pcmanager

Name of the Vulnerable Software and Affected Versions: Microsoft PC Manager affected versions not specified Description: The issue is related to improper link resolution before file access, also known as 'link following', which allows an authorized attacker to elevate privileges locally...

KB5062554: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (July 2025)

The remote Windows host is missing security update 5062554. It is, therefore, affected by multiple vulnerabilities - Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. CVE-2025-49659 - Improper link resolution before file access 'link following' in...

Microsoft Edge (Chromium-based) Privilege Escalation

This repository contains a conceptual proof-of-concept PoC for CVE-2025-47181, a link following privilege escalation vulnerability in Microsoft Edge Chromium-based. This vulnerability allows an attacker to exploit improper link resolution and symbolic link symlink handling by a trusted Edge updat...

Path traversal, lead to remote code execution

Description In zenml's PathMaterializer class, the load function uses ispathwithindirectory to validate files during data.tar.gz extraction. While this prevents path traversal vulnerabilities, it fails to effectively detect symbolic and hard links. with tarfile.openarchivepathlocal, "r:gz" as tar...

CVE-2025-52936

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2...

CVE-2025-52936

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2...

DEBIAN-CVE-2025-52936

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2...

CVE-2025-52936

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2...

UBUNTU-CVE-2025-52936

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2...

CVE-2025-52936

CVE-2025-52936 affects the sslh package (yrutschle sslh) prior to 2.2.2. Debian’s DLA-4238-1 and related advisories disclose a link-following vulnerability and fix it in Debian 11 bullseye with package version 1.20-1+deb11u1 . The vulnerability is described as an “Improp­er Link Resolution Before...