Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-11 | CVE-2022-22962 | Link Following vulnerability in VMWare Horizon VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. | 7.8 |
2022-04-09 | CVE-2022-27883 | Link Following vulnerability in Trendmicro Antivirus for mac A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. | 7.3 |
2022-04-07 | CVE-2022-26612 | Link Following vulnerability in Apache Hadoop In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. | 9.8 |
2022-04-05 | CVE-2021-27116 | Link Following vulnerability in Beego An issue was discovered in file profile.go in function MemProf in beego through 2.0.2, allows attackers to launch symlink attacks locally. | 7.8 |
2022-04-05 | CVE-2021-27117 | Link Following vulnerability in Beego An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally. | 7.8 |
2022-04-05 | CVE-2022-0799 | Link Following vulnerability in Google Chrome Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | 8.8 |
2022-03-30 | CVE-2022-27816 | Link Following vulnerability in Waycrate Swhkd 1.1.5 SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. | 7.1 |
2022-03-30 | CVE-2022-27815 | Link Following vulnerability in Waycrate Swhkd 1.1.5 SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. | 7.8 |
2022-03-25 | CVE-2022-22995 | Link Following vulnerability in multiple products The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. | 9.8 |
2022-03-25 | CVE-2022-26659 | Link Following vulnerability in Docker Desktop Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file. | 7.1 |