Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2022-0017 | Link Following vulnerability in Paloaltonetworks Globalprotect An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. | 7.8 |
| 2022-02-09 | CVE-2022-21997 | Link Following vulnerability in Microsoft products Windows Print Spooler Elevation of Privilege Vulnerability | 7.1 |
| 2022-02-09 | CVE-2022-21999 | Link Following vulnerability in Microsoft products Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
| 2022-01-31 | CVE-2021-23521 | Link Following vulnerability in Juce This affects the package juce-framework/JUCE before 6.1.5. | 7.8 |
| 2022-01-26 | CVE-2022-21944 | Link Following vulnerability in Opensuse Factory Watchman A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. | 7.8 |
| 2022-01-18 | CVE-2021-41551 | Link Following vulnerability in Leostream Connection Broker 9.0.40.17 Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link. | 4.9 |
| 2022-01-12 | CVE-2022-0012 | Link Following vulnerability in Paloaltonetworks Cortex XDR Agent An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. | 7.1 |
| 2022-01-11 | CVE-2022-21838 | Link Following vulnerability in Microsoft products Windows Cleanup Manager Elevation of Privilege Vulnerability | 7.8 |
| 2022-01-11 | CVE-2022-21895 | Link Following vulnerability in Microsoft products Windows User Profile Service Elevation of Privilege Vulnerability | 7.8 |
| 2022-01-11 | CVE-2022-21919 | Link Following vulnerability in Microsoft products Windows User Profile Service Elevation of Privilege Vulnerability | 7.0 |