Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-20 | CVE-2022-31250 | Link Following vulnerability in Opensuse Tumbleweed 2.6.24.2 A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. | 7.8 |
| 2022-07-18 | CVE-2022-32450 | Link Following vulnerability in Anydesk 7.0.9 AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there. | 7.1 |
| 2022-07-06 | CVE-2022-21770 | Link Following vulnerability in Google Android 11.0/12.0 In sound driver, there is a possible information disclosure due to symlink following. | 6.7 |
| 2022-06-28 | CVE-2022-2145 | Link Following vulnerability in Cloudflare Warp Cloudflare WARP client for Windows (up to v. | 7.8 |
| 2022-06-27 | CVE-2022-31036 | Link Following vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.3 |
| 2022-06-24 | CVE-2021-42056 | Link Following vulnerability in Thalesgroup Safenet Authentication Client 10.7.7 Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. | 6.7 |
| 2022-06-21 | CVE-2022-34008 | Link Following vulnerability in Comodo Antivirus 12.2.2.8012 Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. | 7.8 |
| 2022-06-17 | CVE-2022-25856 | Link Following vulnerability in Argo Events Project Argo Events The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. | 7.5 |
| 2022-06-15 | CVE-2021-25261 | Link Following vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | 7.8 |
| 2022-06-15 | CVE-2022-28225 | Link Following vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | 7.8 |