Vulnerabilities > Improper Link Resolution Before File Access ('Link Following')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-1612 | Link Following vulnerability in Cisco Sd-Wan A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. | 7.1 |
| 2021-09-17 | CVE-2021-31843 | Link Following vulnerability in Mcafee Endpoint Security Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location. | 7.8 |
| 2021-09-14 | CVE-2021-41072 | Link Following vulnerability in multiple products squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. | 8.1 |
| 2021-09-06 | CVE-2021-36744 | Link Following vulnerability in Trendmicro products Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service. | 7.8 |
| 2021-08-31 | CVE-2021-37701 | Link Following vulnerability in multiple products The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. | 8.6 |
| 2021-08-31 | CVE-2021-37712 | Link Following vulnerability in multiple products The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. | 8.6 |
| 2021-08-26 | CVE-2021-36928 | Link Following vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | 6.0 |
| 2021-08-24 | CVE-2021-30968 | Link Following vulnerability in Apple products A validation issue related to hard link behavior was addressed with improved sandbox restrictions. | 5.5 |
| 2021-08-24 | CVE-2021-30855 | Link Following vulnerability in Apple products A validation issue existed in the handling of symlinks. | 5.5 |
| 2021-08-16 | CVE-2021-32825 | Link Following vulnerability in Bblfshd Project Bblfshd bblfshd is an open source self-hosted server for source code parsing. | 9.1 |