Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-12 | CVE-2022-0012 | Link Following vulnerability in Paloaltonetworks Cortex XDR Agent An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. | 3.6 |
| 2022-01-11 | CVE-2022-21838 | Link Following vulnerability in Microsoft products Windows Cleanup Manager Elevation of Privilege Vulnerability. | 7.2 |
| 2022-01-10 | CVE-2021-44024 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 6.6 |
| 2022-01-10 | CVE-2021-45442 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 6.6 |
| 2021-12-30 | CVE-2021-20153 | Link Following vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. | 6.9 |
| 2021-12-24 | CVE-2021-23772 | Link Following vulnerability in Iris-Go Iris This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. | 6.8 |
| 2021-12-16 | CVE-2021-44023 | Link Following vulnerability in Trendmicro products A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service. | 3.6 |
| 2021-11-24 | CVE-2021-42297 | Link Following vulnerability in Microsoft Windows 10 Update Assistant Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43211. | 6.9 |
| 2021-11-14 | CVE-2021-41057 | Link Following vulnerability in multiple products In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions. | 3.6 |
| 2021-11-09 | CVE-2021-3641 | Link Following vulnerability in Bitdefender Gravityzone Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. | 2.1 |