Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-23 | CVE-2023-28071 | Link Following vulnerability in Dell Alienware Update, Command Update and Update Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. | 7.1 |
| 2023-06-07 | CVE-2023-33865 | Link Following vulnerability in Renderdoc RenderDoc before 1.27 allows local privilege escalation via a symlink attack. | 7.8 |
| 2023-05-30 | CVE-2023-2939 | Link Following vulnerability in Google Chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. | 7.8 |
| 2023-05-30 | CVE-2023-33245 | Link Following vulnerability in Minecraft Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink. | 8.8 |
| 2023-05-30 | CVE-2023-34204 | Link Following vulnerability in Imapsync Project Imapsync imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. | 6.5 |
| 2023-05-25 | CVE-2023-27529 | Link Following vulnerability in Wacom Tablet Driver Installer Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution before file access vulnerability. | 7.8 |
| 2023-04-27 | CVE-2022-31647 | Link Following vulnerability in Docker Desktop Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659. | 7.1 |
| 2023-04-27 | CVE-2022-34292 | Link Following vulnerability in Docker Desktop Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647. | 7.1 |
| 2023-04-11 | CVE-2022-38604 | Link Following vulnerability in Wacom Driver 6.3.451/6.3.461 Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. | 7.3 |
| 2023-04-11 | CVE-2022-43293 | Link Following vulnerability in Wacom Driver 6.3.451/6.3.461 Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. | 5.9 |