Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')

DATE CVE VULNERABILITY TITLE RISK
2023-01-10 CVE-2022-38482 Link Following vulnerability in Mega Hopex 15.2.0.6110
A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4.
network
low complexity
mega CWE-59
4.3
2023-01-03 CVE-2022-36943 Link Following vulnerability in Ssziparchive Project Ssziparchive
SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks.
network
low complexity
ssziparchive-project CWE-59
8.1
2022-12-24 CVE-2022-45798 Link Following vulnerability in Trendmicro Apex ONE 2019
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file.
local
low complexity
trendmicro CWE-59
7.8
2022-12-22 CVE-2022-45412 When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer.
network
low complexity
CWE-59
8.8
2022-12-12 CVE-2021-3942 Link Following vulnerability in HP products
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
network
low complexity
hp CWE-59
critical
9.8
2022-12-08 CVE-2022-4122 Link Following vulnerability in multiple products
A vulnerability was found in buildah.
network
low complexity
podman-project fedoraproject CWE-59
5.3
2022-11-23 CVE-2009-1142 Link Following vulnerability in VMWare Open VM Tools 2009.03.18154848
An issue was discovered in open-vm-tools 2009.03.18-154848.
local
low complexity
vmware CWE-59
6.7
2022-11-23 CVE-2009-1143 Link Following vulnerability in VMWare Open-Vm-Tools 2009.03.18154848
An issue was discovered in open-vm-tools 2009.03.18-154848.
local
high complexity
vmware CWE-59
7.0
2022-11-07 CVE-2022-44747 Link Following vulnerability in Acronis Cyber Protect Home Office
Local privilege escalation due to improper soft link handling.
local
low complexity
acronis CWE-59
7.8
2022-11-01 CVE-2022-32905 Link Following vulnerability in Apple Macos
This issue was addressed with improved validation of symlinks.
local
low complexity
apple CWE-59
7.8