Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')

DATE CVE VULNERABILITY TITLE RISK
2025-03-23 CVE-2025-29795 Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-59
7.8
2025-03-11 CVE-2025-25008 Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
local
low complexity
CWE-59
7.1
2025-03-03 CVE-2025-25185 Link Following vulnerability in Binary-Husky GPT Academic
GPT Academic provides interactive interfaces for large language models.
network
low complexity
binary-husky CWE-59
7.5
2025-02-13 CVE-2025-22480 Link Following vulnerability in Dell Supportassist 3.2.0.90
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability.
local
low complexity
dell CWE-59
7.8
2025-01-27 CVE-2025-24103 Link Following vulnerability in Apple Macos
This issue was addressed with improved validation of symlinks.
local
low complexity
apple CWE-59
5.5
2025-01-27 CVE-2025-24104 Link Following vulnerability in Apple Iphone OS
This issue was addressed with improved handling of symlinks.
local
low complexity
apple CWE-59
5.5
2025-01-27 CVE-2025-24136 Link Following vulnerability in Apple Macos
This issue was addressed with improved validation of symlinks.
local
low complexity
apple CWE-59
4.4
2025-01-15 CVE-2024-57728 Link Following vulnerability in Simple-Help Simplehelp
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e.
network
low complexity
simple-help CWE-59
7.2
2024-12-30 CVE-2024-13043 Link Following vulnerability in Watchguard Panda Dome 22.02.01
Panda Security Dome Link Following Local Privilege Escalation Vulnerability.
local
low complexity
watchguard CWE-59
7.8
2024-12-25 CVE-2024-52535 Link Following vulnerability in Dell products
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remediation component.
network
low complexity
dell CWE-59
8.8