Lucene search
+L

385 matches found

CVE
CVE
added 2026/01/14 10:16 p.m.8 views

CVE-2025-13154

CVE-2025-13154 affects Lenovo Vantage SmartPerformanceAddin. Root cause: improper link following enabling an authenticated local user to delete arbitrary files with elevated privileges. Impact: local privilege escalation with high availability impact; base metrics: CVSS v3.1 (AV:L/AC:L/PR:L/UI:N/...

6.8CVSS6.2AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/14 10:16 p.m.19 views

CVE-2025-13154

An improper link following vulnerability was reported in the SmartPerformanceAddin for Lenovo Vantage that could allow an authenticated local user to perform an arbitrary file deletion with elevated privileges...

6.8CVSS0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.7 views

Lenovo Vantage 安全漏洞

Lenovo Vantage is a computer management application from the Chinese company Lenovo Lenovo. The program supports features such as driver updates, device status diagnostics, and computer configuration. A security vulnerability exists in Lenovo Vantage, which stems from improper link following and...

6.8CVSS5.9AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.9 views

PT-2026-2958

Name of the Vulnerable Software and Affected Versions Lenovo Vantage SmartPerformanceAddin versions prior to 1.1.0.1111 Description An improper link following issue exists in the SmartPerformanceAddin for Lenovo Vantage. This allows an authenticated local user to perform arbitrary file deletion...

6.8CVSS5.9AI score0.00118EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/10 6:13 p.m.5 views

CVE-2025-46637

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS6.5AI score0.00092EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 6:15 p.m.4 views

CVE-2025-46637

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS0.00092EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 6:15 p.m.7 views

CVE-2025-46636

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

6.6CVSS5.8AI score0.00082EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 5:34 p.m.6 views

EUVD-2025-202264

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

6.6CVSS5.8AI score0.00082EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 5:31 p.m.9 views

EUVD-2025-202266

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS6.1AI score0.00092EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.10 views

PT-2025-50111

Name of the Vulnerable Software and Affected Versions Dell Encryption versions prior to 11.12.1 Description Dell Encryption contains an Improper Link Resolution Before File Access 'Link Following' issue. A local attacker with low privileges could potentially tamper with information by exploiting...

6.6CVSS6.1AI score0.00082EPSS
Exploits0References3
OSV
OSV
added 2025/11/25 10:3 p.m.9 views

JLSEC-2025-235 An improper link resolution flaw while extracting an archive can lead to changing the access control...

An improper link resolution flaw while extracting an archive can lead to changing the access control list ACL of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...

7.8CVSS6.7AI score0.00367EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Improper Link Resolution Before File Access (CVE-2021-28153)

An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is...

5.3CVSS6.7AI score0.02622EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.9 views

Generex UPS Adapter CS141 Improper Link Resolution Before File Access (CVE-2022-47188)

There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An attacker, making use of the default credentials, could upload a backup file containing a symlink to /etc/shadow, allowing him to obtain the content of this path. This plugin only works with Tenable.ot...

7.5CVSS8AI score0.00914EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/12 5:7 p.m.4 views

CVE-2025-24918

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...

6.7CVSS6.5AI score0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 5:59 p.m.6 views

EUVD-2025-93447

Improper link resolution before file access 'link following' in Windows Routing and Remote Access Service RRAS allows an authorized attacker to deny service locally...

5.5CVSS5.3AI score0.00489EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 4:50 p.m.3 views

CVE-2025-24918

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...

6.7CVSS6.1AI score0.00124EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/11/11 4:0 p.m.12 views

Host Process for Windows Tasks Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.04666EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.7 views

Intel Server Configuration Utility和Intel Server Firmware Update Utility 后置链接漏洞

Intel Server Configuration Utility and Intel Server Firmware Update Utility are both products of Intel Corporation Intel, U.S.A. Intel Server Configuration Utility is a command line utility. Intel Server Firmware Update Utility is a command line utility. A backlink vulnerability exists in Intel...

6.7CVSS6.8AI score0.00124EPSS
Exploits0References2
OSV
OSV
added 2025/10/24 2:39 p.m.6 views

BIT-DOTNET-2025-55247 .NET Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in .NET allows an authorized attacker to elevate privileges locally...

7.3CVSS6.9AI score0.00556EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/14 5:45 p.m.1 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper handling of symbolic links before file access. An attacker can gain elevated privileges by exploiting the way the system resolves links, potentially accessing or modifying files with higher permissions...

7.3CVSS9.3AI score0.00556EPSS
Exploits0References2
Rows per page
Query Builder