Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2021-27117 | Link Following vulnerability in Beego An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally. | 7.8 |
| 2022-04-05 | CVE-2022-0799 | Link Following vulnerability in Google Chrome Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | 8.8 |
| 2022-03-30 | CVE-2022-27816 | Link Following vulnerability in Waycrate Swhkd 1.1.5 SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. | 7.1 |
| 2022-03-30 | CVE-2022-27815 | Link Following vulnerability in Waycrate Swhkd 1.1.5 SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. | 7.8 |
| 2022-03-25 | CVE-2022-22995 | Link Following vulnerability in multiple products The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. | 9.8 |
| 2022-03-25 | CVE-2022-26659 | Link Following vulnerability in Docker Desktop Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file. | 7.1 |
| 2022-03-18 | CVE-2022-22585 | Link Following vulnerability in Apple products An issue existed within the path validation logic for symlinks. | 7.5 |
| 2022-03-10 | CVE-2022-20050 | Link Following vulnerability in Google Android 11.0/12.0 In connsyslogger, there is a possible symbolic link following due to improper link resolution. | 6.7 |
| 2022-03-01 | CVE-2022-22262 | Link Following vulnerability in Asus ROG Live Service ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. | 7.7 |
| 2022-02-24 | CVE-2022-24671 | Link Following vulnerability in Trendmicro Antivirus A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. | 7.8 |