ReportizFlow
Filtered by vendor
Subscriptions
Total
1452 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-1753 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhel Eus | 2026-03-04 | 8.6 High |
| A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. | ||||
| CVE-2023-41971 | 1 Zscaler | 1 Client Connector | 2026-03-02 | 5.3 Medium |
| An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client Connector on Windows allows a system file to be overwritten.This issue affects Client Connector on Windows: before 3.7. | ||||
| CVE-2026-24884 | 1 Node-modules | 1 Compressing | 2026-02-27 | 8.4 High |
| Compressing is a compressing and uncompressing lib for node. In version 2.0.0 and 1.10.3 and prior, Compressing extracts TAR archives while restoring symbolic links without validating their targets. By embedding symlinks that resolve outside the intended extraction directory, an attacker can cause subsequent file entries to be written to arbitrary locations on the host file system. Depending on the extractor’s handling of existing files, this behavior may allow overwriting sensitive files or creating new files in security-critical locations. This issue has been patched in versions 1.10.4 and 2.0.1. | ||||
| CVE-2025-29795 | 1 Microsoft | 2 Edge Update, Edge Update Setup | 2026-02-26 | 7.8 High |
| Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21188 | 1 Microsoft | 2 Azure Network Watcher, Azure Network Watcher Agent | 2026-02-26 | 6 Medium |
| Azure Network Watcher VM Extension Elevation of Privilege Vulnerability | ||||
| CVE-2025-21391 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-02-26 | 7.1 High |
| Windows Storage Elevation of Privilege Vulnerability | ||||
| CVE-2025-21419 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-26 | 7.1 High |
| Windows Setup Files Cleanup Elevation of Privilege Vulnerability | ||||
| CVE-2025-29983 | 1 Dell | 1 Trusted Device Agent | 2026-02-26 | 6.7 Medium |
| Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-20003 | 2026-02-26 | 8.2 High | ||
| Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-1697 | 1 Hp | 1 Touchpoint Analytics Service | 2026-02-26 | 7.8 High |
| A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to mitigate this potential vulnerability. | ||||
| CVE-2025-36564 | 1 Dell | 1 Encryption | 2026-02-26 | 7.8 High |
| Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. | ||||
| CVE-2025-49738 | 1 Microsoft | 1 Pc Manager | 2026-02-26 | 7.8 High |
| Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49739 | 1 Microsoft | 5 Visual Studio, Visual Studio 2015, Visual Studio 2017 and 2 more | 2026-02-26 | 8.8 High |
| Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-48384 | 4 Apple, Debian, Git and 1 more | 4 Xcode, Debian Linux, Git and 1 more | 2026-02-26 | 8.1 High |
| Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1. | ||||
| CVE-2025-32721 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-02-26 | 7.3 High |
| Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-52837 | 1 Trendmicro | 1 Password Manager | 2026-02-26 | 7.8 High |
| Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow an attacker the opportunity to abuse symbolic links and other methods to delete any file/folder and achieve privilege escalation. | ||||
| CVE-2025-36611 | 1 Dell | 2 Encryption, Security Management Server | 2026-02-26 | 7.3 High |
| Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. | ||||
| CVE-2025-43726 | 1 Dell | 1 Alienware Command Center | 2026-02-26 | 6.7 Medium |
| Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0, contains an Improper Link Resolution Before File Access ('Link Following')" vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2025-55245 | 1 Microsoft | 1 Xbox Gaming Services | 2026-02-26 | 7.8 High |
| Improper link resolution before file access ('link following') in Xbox allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55317 | 1 Microsoft | 1 Autoupdate | 2026-02-26 | 7.8 High |
| Improper link resolution before file access ('link following') in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | ||||