Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2022-20103 | Link Following vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to symbolic link following. | 4.4 |
| 2022-05-03 | CVE-2022-20085 | Link Following vulnerability in Google Android 11.0/12.0 In netdiag, there is a possible symbolic link following due to an improper link resolution. | 6.7 |
| 2022-04-27 | CVE-2022-24372 | Link Following vulnerability in Linksys Mr9600 Firmware Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share. | 4.6 |
| 2022-04-15 | CVE-2022-20720 | Link Following vulnerability in Cisco IOS XE Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 7.2 |
| 2022-04-14 | CVE-2022-1256 | Link Following vulnerability in Mcafee Agent A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. | 7.8 |
| 2022-04-11 | CVE-2022-20068 | Link Following vulnerability in Google Android 10.0/11.0/12.0 In mobile_log_d, there is a possible symbolic link following due to an improper link resolution. | 6.7 |
| 2022-04-11 | CVE-2022-22962 | Link Following vulnerability in VMWare Horizon VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. | 7.8 |
| 2022-04-09 | CVE-2022-27883 | Link Following vulnerability in Trendmicro Antivirus for mac A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. | 7.3 |
| 2022-04-07 | CVE-2022-26612 | Link Following vulnerability in Apache Hadoop In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. | 9.8 |
| 2022-04-05 | CVE-2021-27116 | Link Following vulnerability in Beego An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally. | 7.8 |