Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-15 | CVE-2021-25261 | Link Following vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | 7.2 |
2022-06-15 | CVE-2022-28225 | Link Following vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | 7.2 |
2022-06-12 | CVE-2021-41641 | Link Following vulnerability in Deno Deno <=1.14.0 file sandbox does not handle symbolic links correctly. | 3.6 |
2022-05-27 | CVE-2022-30687 | Link Following vulnerability in Trendmicro Maximum Security 2022 17.7 Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files. | 6.6 |
2022-05-26 | CVE-2022-26704 | Link Following vulnerability in Apple Macos A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. | 6.8 |
2022-05-26 | CVE-2022-26688 | Link Following vulnerability in Apple mac OS X and Macos An issue in the handling of symlinks was addressed with improved validation. | 4.9 |
2022-05-20 | CVE-2022-31258 | Link Following vulnerability in Tribe29 Checkmk In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. | 7.2 |
2022-05-20 | CVE-2022-24904 | Link Following vulnerability in Linuxfoundation Argo-Cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.0 |
2022-05-16 | CVE-2022-30523 | Link Following vulnerability in Trendmicro Password Manager Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine. | 7.2 |
2022-05-12 | CVE-2022-23742 | Link Following vulnerability in Checkpoint Endpoint Security Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. | 4.6 |