Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-20 | CVE-2022-24904 | Link Following vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.3 |
2022-05-16 | CVE-2022-30523 | Link Following vulnerability in Trendmicro Password Manager Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine. | 7.8 |
2022-05-12 | CVE-2022-23742 | Link Following vulnerability in Checkpoint Endpoint Security Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. | 7.8 |
2022-05-05 | CVE-2021-44052 | Link Following vulnerability in Qnap Qts, Quts Hero and Qutscloud An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. | 8.1 |
2022-05-03 | CVE-2022-20103 | Link Following vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to symbolic link following. | 4.4 |
2022-05-03 | CVE-2022-20085 | Link Following vulnerability in Google Android 11.0/12.0 In netdiag, there is a possible symbolic link following due to an improper link resolution. | 6.7 |
2022-04-27 | CVE-2022-24372 | Link Following vulnerability in Linksys Mr9600 Firmware Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share. | 4.6 |
2022-04-15 | CVE-2022-20720 | Link Following vulnerability in Cisco IOS XE Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 7.2 |
2022-04-14 | CVE-2022-1256 | Link Following vulnerability in Mcafee Agent A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. | 7.8 |
2022-04-11 | CVE-2022-20068 | Link Following vulnerability in Google Android 10.0/11.0/12.0 In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. | 6.7 |