Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-29 | CVE-2022-41973 | Link Following vulnerability in multiple products multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. | 7.8 |
| 2022-10-26 | CVE-2022-31256 | Link Following vulnerability in Opensuse Factory A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. | 7.8 |
| 2022-10-19 | CVE-2022-39253 | Link Following vulnerability in multiple products Git is an open source, scalable, distributed revision control system. | 5.5 |
| 2022-10-10 | CVE-2022-42725 | Link Following vulnerability in Linuxmint Warpinator Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links. | 7.5 |
| 2022-09-28 | CVE-2022-40710 | Link Following vulnerability in Trendmicro Deep Security Agent 20.0 A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2022-09-28 | CVE-2022-38699 | Link Following vulnerability in Asus Armoury Crate Service 5.1.5.0 Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. | 5.9 |
| 2022-09-19 | CVE-2022-34893 | Link Following vulnerability in Trendmicro Security 12.0 Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine. | 7.8 |
| 2022-09-19 | CVE-2022-40143 | Link Following vulnerability in Trendmicro Apex ONE 2019 A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could allow a low-privileged user to run arbitrary code with elevated privileges. | 7.3 |
| 2022-09-15 | CVE-2022-39215 | Link Following vulnerability in Tauri Tauri is a framework for building binaries for all major desktop platforms. | 5.8 |
| 2022-09-14 | CVE-2022-0029 | Link Following vulnerability in Paloaltonetworks Cortex XDR Agent An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file. | 5.5 |