Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
|2022-06-15||CVE-2021-25261|| Link Following vulnerability in Yandex Browser |
Local privilege vulnerability in Yandex Browser for Windows prior to 188.8.131.522 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
| 7.2 |
|2022-06-15||CVE-2022-28225|| Link Following vulnerability in Yandex Browser |
Local privilege vulnerability in Yandex Browser for Windows prior to 184.108.40.2064 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
| 7.2 |
|2022-06-12||CVE-2021-41641|| Link Following vulnerability in Deno |
Deno <=1.14.0 file sandbox does not handle symbolic links correctly.
| 3.6 |
|2022-05-27||CVE-2022-30687|| Link Following vulnerability in Trendmicro Maximum Security 2022 17.7 |
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files.
| 6.6 |
|2022-05-26||CVE-2022-26704|| Link Following vulnerability in Apple Macos |
A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks.
| 6.8 |
|2022-05-26||CVE-2022-26688|| Link Following vulnerability in Apple mac OS X and Macos |
An issue in the handling of symlinks was addressed with improved validation.
| 4.9 |
|2022-05-20||CVE-2022-31258|| Link Following vulnerability in Tribe29 Checkmk |
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink.
| 7.2 |
|2022-05-20||CVE-2022-24904|| Link Following vulnerability in Linuxfoundation Argo-Cd |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
| 4.0 |
|2022-05-16||CVE-2022-30523|| Link Following vulnerability in Trendmicro Password Manager |
Trend Micro Password Manager (Consumer) version 220.127.116.116 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine.
| 7.2 |
|2022-05-12||CVE-2022-23742|| Link Following vulnerability in Checkpoint Endpoint Security |
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges.
| 4.6 |