Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-1612 | Link Following vulnerability in Cisco Sd-Wan A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. | 7.1 |
| 2021-09-17 | CVE-2021-31843 | Link Following vulnerability in Mcafee Endpoint Security Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location. | 7.8 |
| 2021-09-14 | CVE-2021-41072 | Link Following vulnerability in multiple products squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. | 8.1 |
| 2021-09-06 | CVE-2021-36744 | Link Following vulnerability in Trendmicro products Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service. | 7.8 |
| 2021-08-24 | CVE-2021-30968 | Link Following vulnerability in Apple products A validation issue related to hard link behavior was addressed with improved sandbox restrictions. | 5.5 |
| 2021-08-24 | CVE-2021-30855 | Link Following vulnerability in Apple products A validation issue existed in the handling of symlinks. | 5.5 |
| 2021-08-16 | CVE-2021-32825 | Link Following vulnerability in Bblfshd Project Bblfshd bblfshd is an open source self-hosted server for source code parsing. | 9.1 |
| 2021-08-11 | CVE-2021-38570 | Link Following vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. | 9.1 |
| 2021-08-10 | CVE-2021-38511 | Link Following vulnerability in TAR Project TAR An issue was discovered in the tar crate before 0.4.36 for Rust. | 7.5 |
| 2021-08-09 | CVE-2021-21740 | Link Following vulnerability in ZTE Zxhn H2640 Firmware 10.0.0C6Ty There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. | 2.4 |