Weaknesses of type CWE-59
629 resultsCVE-2025-43257HIGHThis issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to break out of iEPSS 0.2%CVE-2025-63945HIGHA privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute EPSS 0.2%CVE-2026-26225HIGHIntego Personal Backup Task File Privilege EscalationEPSS 0.2%CVE-2025-63946HIGHA privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execEPSS 0.2%CVE-2025-15310HIGHTanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.EPSS 0.2%CVE-2025-8612HIGHAOMEI Backupper Workstation Link Following Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-9968HIGHA link following vulnerability exists in the UnifyScanner component of Armoury Crate. This vulnerability may be triggered by creating a specEPSS 0.2%CVE-2026-27748HIGHAvira Internet Security Arbitrary File Deletion via Improper Link ResolutionEPSS 0.2%CVE-2025-15318MEDIUMTanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.EPSS 0.2%CVE-2025-9871HIGHRazer Synapse 3 Chroma Connect Link Following Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-9870HIGHRazer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-9869HIGHRazer Synapse 3 Macro Module Link Following Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-43461MEDIUMThis issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protectEPSS 0.2%CVE-2024-13759HIGHLocal Privilege Escalation in Avira Prime 1.1.96.2 on Windows 10 x64EPSS 0.2%CVE-2025-43381MEDIUMThis issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete EPSS 0.2%CVE-2025-34352HIGHJumpCloud Remote Assist < 0.317.0 Arbitrary File Write/Delete via Insecure Temp DirectoryEPSS 0.2%CVE-2025-15313MEDIUMTanium addressed an arbitrary file deletion vulnerability in Tanium EUSS.EPSS 0.2%CVE-2023-43078MEDIUMDell Dock Firmware and Dell Client Platform contain an Improper Link Resolution vulnerability during installation resulting in arbitrary folEPSS 0.2%CVE-2024-31952MEDIUMAn issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalEPSS 0.2%CVE-2023-6335MEDIUMImproper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled FileEPSS 0.2%