Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-28 | CVE-2021-36286 | Link Following vulnerability in Dell Supportassist Client Consumer Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. | 7.1 |
| 2021-09-27 | CVE-2021-34408 | Link Following vulnerability in Zoom Meetings The Zoom Client for Meetings for Windows in all versions before version 5.3.2 writes log files to a user writable directory as a privileged user during the installation or update of the client. | 7.8 |
| 2021-09-23 | CVE-2021-1612 | Link Following vulnerability in Cisco Sd-Wan A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. | 7.1 |
| 2021-09-17 | CVE-2021-31843 | Link Following vulnerability in Mcafee Endpoint Security Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location. | 7.8 |
| 2021-09-14 | CVE-2021-41072 | Link Following vulnerability in multiple products squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. | 8.1 |
| 2021-09-06 | CVE-2021-36744 | Link Following vulnerability in Trendmicro products Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service. | 7.8 |
| 2021-08-24 | CVE-2021-30968 | Link Following vulnerability in Apple products A validation issue related to hard link behavior was addressed with improved sandbox restrictions. | 5.5 |
| 2021-08-24 | CVE-2021-30855 | Link Following vulnerability in Apple products A validation issue existed in the handling of symlinks. | 5.5 |
| 2021-08-16 | CVE-2021-32825 | Link Following vulnerability in Bblfshd Project Bblfshd bblfshd is an open source self-hosted server for source code parsing. | 9.1 |
| 2021-08-11 | CVE-2021-38570 | Link Following vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. | 9.1 |