Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-44024 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 7.1 |
| 2022-01-10 | CVE-2021-45231 | Link Following vulnerability in Trendmicro products A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. | 7.8 |
| 2022-01-10 | CVE-2021-45442 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 7.1 |
| 2021-12-30 | CVE-2021-20153 | Link Following vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. | 6.8 |
| 2021-12-24 | CVE-2021-23772 | Link Following vulnerability in Iris-Go Iris This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. | 8.8 |
| 2021-12-16 | CVE-2021-44023 | Link Following vulnerability in Trendmicro products A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service. | 7.1 |
| 2021-12-15 | CVE-2021-43237 | Link Following vulnerability in Microsoft products Windows Setup Elevation of Privilege Vulnerability | 7.3 |
| 2021-12-15 | CVE-2021-43238 | Link Following vulnerability in Microsoft products Windows Remote Access Elevation of Privilege Vulnerability | 7.8 |
| 2021-11-24 | CVE-2021-42297 | Link Following vulnerability in Microsoft Windows 10 Update Assistant Windows 10 Update Assistant Elevation of Privilege Vulnerability | 5.0 |
| 2021-11-19 | CVE-2021-44038 | Link Following vulnerability in Quagga An issue was discovered in Quagga through 1.2.4. | 7.8 |