Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-19 | CVE-2022-39253 | Link Following vulnerability in multiple products Git is an open source, scalable, distributed revision control system. | 5.5 |
| 2022-10-10 | CVE-2022-42725 | Link Following vulnerability in Linuxmint Warpinator Warpinator through 1.2.14 allows access outside of an intended directory, as demonstrated by symbolic directory links. | 7.5 |
| 2022-09-28 | CVE-2022-40710 | Link Following vulnerability in Trendmicro Deep Security Agent 20.0 A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2022-09-19 | CVE-2022-34893 | Link Following vulnerability in Trendmicro Security 12.0 Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine. | 7.8 |
| 2022-09-19 | CVE-2022-40143 | Link Following vulnerability in Trendmicro Apex ONE 2019 A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could allow a low-privileged user to run arbitrary code with elevated privileges. | 7.3 |
| 2022-09-15 | CVE-2022-39215 | Link Following vulnerability in Tauri Tauri is a framework for building binaries for all major desktop platforms. | 5.8 |
| 2022-09-14 | CVE-2022-0029 | Link Following vulnerability in Paloaltonetworks Cortex XDR Agent An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file. | 5.5 |
| 2022-09-06 | CVE-2022-26456 | Link Following vulnerability in Google Android 11.0 In vow, there is a possible information disclosure due to a symbolic link following. | 4.4 |
| 2022-08-25 | CVE-2021-35938 | Link Following vulnerability in multiple products A symbolic link issue was found in rpm. | 6.7 |
| 2022-08-25 | CVE-2022-34960 | Link Following vulnerability in Mikrotik Routeros 7.4 The container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. | 9.8 |