CWE-64
10 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-64page 1 of 1
- CVE-2018-16481MEDIUMCVSS 6.1EG 6.12019-02-01
A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.
- CVE-2021-1492MEDIUMCVSS 6.6EG 6.62021-03-25
The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful…
- CVE-2021-41562MEDIUMCVSS 6.1EG 6.12021-11-03
A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows.
- CVE-2025-48443MEDIUMCVSS 6.7EG 6.72025-06-17
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context…
- CVE-2025-49384HIGHCVSS 7.8EG 7.82025-06-17
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
- CVE-2025-49385HIGHCVSS 7.8EG 7.82025-06-17
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
- CVE-2025-52521HIGHCVSS 7.8EG 7.82025-07-10
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
- CVE-2025-52837HIGHCVSS 7.8EG 7.82025-07-10
Trend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow an attacker the opportunity to abuse symbolic links and other methods to delete any …
- CVE-2025-53503HIGHCVSS 7.8EG 7.82025-07-10
Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
- CVE-2025-7376MEDIUMCVSS 5.9EG 5.92025-08-06
Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3…
Map vulnerabilities like CWE-64 to your infrastructure
EchelonGraph correlates every CVE — across CWE-64 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →