Total
1305 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-52561 | 1 Parallels | 1 Parallels Desktop | 2025-07-02 | N/A | 7.8 HIGH |
| A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation. | |||||
| CVE-2024-54189 | 1 Parallels | 1 Parallels Desktop | 2025-07-02 | N/A | 7.8 HIGH |
| A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary file, potentially leading to privilege escalation. | |||||
| CVE-2025-25008 | 1 Microsoft | 5 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 2 more | 2025-07-01 | N/A | 7.1 HIGH |
| Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2024-29007 | 1 Apache | 1 Cloudstack | 2025-06-30 | N/A | 7.3 HIGH |
| The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 301 HTTP redirects presented by external servers when downloading templates or ISOs. Users are recommended to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue. | |||||
| CVE-2025-3771 | 2025-06-26 | N/A | N/A | ||
| A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the registry under the Trellix SIR registry folder or via policy or with a junction symbolic link to files that the user would not normally have permission to acces | |||||
| CVE-2020-3432 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-06-24 | N/A | 5.6 MEDIUM |
| A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | |||||
| CVE-2025-52936 | 2025-06-23 | N/A | N/A | ||
| Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2. | |||||
| CVE-2023-52094 | 1 Trendmicro | 1 Apex One | 2025-06-20 | N/A | 7.8 HIGH |
| An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-52092 | 1 Trendmicro | 1 Apex One | 2025-06-20 | N/A | 7.8 HIGH |
| A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-52091 | 1 Trendmicro | 1 Apex One | 2025-06-20 | N/A | 7.8 HIGH |
| An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-52090 | 1 Trendmicro | 1 Apex One | 2025-06-20 | N/A | 7.8 HIGH |
| A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2025-30641 | 2025-06-18 | N/A | 7.8 HIGH | ||
| A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2025-30642 | 2025-06-18 | N/A | 5.5 MEDIUM | ||
| A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2025-30640 | 2025-06-18 | N/A | 7.8 HIGH | ||
| A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-47192 | 1 Trendmicro | 1 Apex One | 2025-06-17 | N/A | 7.8 HIGH |
| An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2025-3908 | 2 Linux, Openvpn | 2 Linux Kernel, Openvpn3linux | 2025-06-12 | N/A | 6.2 MEDIUM |
| The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory. | |||||
| CVE-2018-6954 | 3 Canonical, Opensuse, Systemd Project | 3 Ubuntu Linux, Leap, Systemd | 2025-06-09 | 7.2 HIGH | 7.8 HIGH |
| systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on. | |||||
| CVE-2013-4392 | 1 Systemd Project | 1 Systemd | 2025-06-09 | 3.3 LOW | 5.0 MEDIUM |
| systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | |||||
| CVE-2010-4226 | 2 Gnu, Opensuse | 2 Cpio, Opensuse | 2025-06-09 | 5.0 MEDIUM | 7.2 HIGH |
| cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | |||||
| CVE-2025-5474 | 2025-06-09 | N/A | 7.3 HIGH | ||
| 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. User interaction on the part of an administrator is also required. The specific flaw exists within the Mirror functionality. By creating a junction, an attacker can abuse the service to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-26962. | |||||