Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2022-28225 | Link Following vulnerability in Yandex Browser Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process. | 7.8 |
| 2022-06-12 | CVE-2021-41641 | Link Following vulnerability in Deno Deno <=1.14.0 file sandbox does not handle symbolic links correctly. | 8.4 |
| 2022-05-27 | CVE-2022-30687 | Link Following vulnerability in Trendmicro Maximum Security 2022 17.7 Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files. | 7.1 |
| 2022-05-26 | CVE-2022-26704 | Link Following vulnerability in Apple mac OS X and Macos A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. | 7.8 |
| 2022-05-26 | CVE-2022-26688 | Link Following vulnerability in Apple mac OS X and Macos An issue in the handling of symlinks was addressed with improved validation. | 4.4 |
| 2022-05-20 | CVE-2022-31258 | Link Following vulnerability in multiple products In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. | 6.7 |
| 2022-05-20 | CVE-2022-24904 | Link Following vulnerability in Argoproj Argo CD Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. | 4.3 |
| 2022-05-16 | CVE-2022-30523 | Link Following vulnerability in Trendmicro Password Manager Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine. | 7.8 |
| 2022-05-12 | CVE-2022-23742 | Link Following vulnerability in Checkpoint Endpoint Security Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. | 7.8 |
| 2022-05-05 | CVE-2021-44052 | Link Following vulnerability in Qnap Qts, Quts Hero and Qutscloud An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. | 8.1 |